Commit b0351ba4 by Mark

docs improved

parent 5c2064bd
......@@ -39,7 +39,7 @@ The output of an action is what the method returns. The return value will be han
component which can convert the output to differnet formats such as JSON for example. The default behavior
is to output the value unchanged though.
You also can disable CSRF validation per controller, by setting its property:
You also can disable CSRF validation per controller and/or action, by setting its property:
```php
namespace app\controllers;
......@@ -59,6 +59,24 @@ class SiteController extends Controller
}
```
To disable CSRF validation per custom actions you can do:
```php
namespace app\controllers;
use yii\web\Controller;
class SiteController extends Controller
{
public function beforeAction($action)
{
// ...set `$this->enableCsrfValidation` here based on some conditions...
// call parent method that will check CSRF if such property is true.
return parent::beforeAction($action);
}
}
```
Routes
------
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment