Alexander Makarov
Alexander Makarov
I've re-read RFC and it seems if you're carefully using ASCII values only you're safe not encoding value. I'd not consider that a good practice though. That's why the question.
Alright. So you plan to override `Request::generateCsrfToken()` and turn on raw mode there? That both makes sense and is controversial. First of all, CSRF token value is written into a...
Alright. Let's add "raw" mode.
@lourdas that would change current behavior people may rely on.
Oh. Ignore that comment. Was thinking about something else.
Can't it be solved w/o extra query?
@turalus not enough time to solve everything at once. If you know how to fix it and have extra time it would be great to get a pull request solving...
@brandonkelly it makes sense, yes.
@klimov-paul, @cebe, @SilverFire, @dynasource ?
@mtangoo what @brandonkelly suggested makes sense. We currently don't have enough time to code it ourselves though.