Search for Resources and Solutions

How to configure csrf_exclude_uris in Midrub

Midrub has more kind of protections and i don't take much care about attacks because it has more tricks to stop them(except DOS). In Midrub you can't upload your php file in the main directory or assets without adding the exception in htaccess. 

All external post requests versus Midrub will be blocked and for this reason you need the variable csrf_exclude_uris which adds exceptions. It allows you to add exceptions for urls which will support external post requests. For example we need them for the Inbox App, ChatBot App, Api Requests, etc. 

In the video below you will see how to add value for csrf_exclude_uris:

In each app's configuration where is required to use  csrf_exclude_uris i will pulish videos in the configuration category. 

Was this article helpful?