From: Thibault Le Meur <Thibault.LeM<eur@su...> - 2011-08-26 18:50:44
After a very quick look at the _ci branch, it seems to me that the CSRF
control is disabled in it.
$config['csrf_protection'] = FALSE;
==> Thus CI doesn't enforce CSRF control
In Admin_Controller.php the old CSRF Protection ==> Commented out.
Can you confirm ?