I've had no problem with ajax forms and the security component. The token is still added and it still goes through. It only blackholes if you dynamically change that field with javascript.
On Thursday, March 8, 2012 7:20:34 AM UTC-8, euromark wrote: > > well, with ajax and dynamic field injection in forms you need to disable > the component or at least some fields in order to not get blackholed > therefore I rather use the field whitelisting than enabling the security > component > but either way: one of those two options you should use to be on the safe > side > -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php
