Skip to content

Commit 474f7fb

Browse files
samdarksamdark
committed
Merge pull request samdark#59 from CthulhuDen/patch-1
Update incoming-post.md
2 parents c3437c4 + cbdc413 commit 474f7fb

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

book/incoming-post.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@ Handling incoming third party POST requests
33

44
By default Yii uses CSRF protection that verifies that POST requests could be made only by the same application.
55
It enhances overall security significantly but there are cases when CSRF should be disabled i.e. when you expect
6-
incoming POST requests from a third party serice.
6+
incoming POST requests from a third party service.
77

88
Additionally, if third party is posting via XMLHttpRequest (browser AJAX), we need to send additional headers to allow CORS ([cross-origin resource sharing](https://en.wikipedia.org/wiki/Cross-origin_resource_sharing)).
99

0 commit comments

Comments
 (0)