Hi,
How to prevent the seagull application from Cross site scripting and Cross-site request forgery.(CSRF)
By adding this in the header will solve ?
$expires = 60*60*24*14;
$output->addHeader("Pragma: public");
$output->addHeader("Cache-
Control: maxage=".$expires);
$output->addHeader('Expires: ' . gmdate('D, d M Y H:i:s', time()+$expires) . ' GMT');
Is there any function in the seagull to enable or Need to add a unique token to each request.