How to make random CSRF token name?
we can use php session, but I think it is not good, Can you have other good solutions?
How to make random CSRF token name?
we can use php session, but I think it is not good, Can you have other good solutions?
Why do you need it? And how is it supposed to work if it is always random? You can change the token name in the application config tho: http://www.yiiframework.com/doc/api/1.1/CHttpRequest#csrfTokenName-detail
You could create a MD5 based on the PHPSESSIONID for instance.