From 14305d08cc06abb2ae8f03bbe352583dc2ed84da Mon Sep 17 00:00:00 2001
From: Alex Tselegidis <alextselegidis@gmail.com>
Date: Fri, 20 May 2022 18:21:44 +0200
Subject: [PATCH] Exclude booking pages from CSRF protection

---
 application/config/config.php | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/application/config/config.php b/application/config/config.php
index 17e6177d..dbac9753 100644
--- a/application/config/config.php
+++ b/application/config/config.php
@@ -387,7 +387,10 @@ $config['csrf_protection'] = TRUE;
 $config['csrf_token_name'] = 'csrf_token';
 $config['csrf_cookie_name'] = 'csrf_cookie';
 $config['csrf_expire'] = 7200;
-$config['csrf_exclude_uris'] = ['api/v1/.*'];
+$config['csrf_exclude_uris'] = [
+    'api/v1/.*',
+    'booking/.*'
+];
 
 /*
 |--------------------------------------------------------------------------