CakePHP Secure logout
I have seen on some CakePHP websites that they have extra information on the logout e.g. http://website.com/logout/DxcFaWlFaDOw
Apparently this is for security reasons? Can anyone tell me more about this and how to implement it using Cake?
These security codes are called CSRF tokens, and they are used to prevent CSRF attacks from happening (even though using CSRF tokens in logout links is quite pointless).
You can implement it in Cake by using the Form helper and adding:
public $components = array('Security');
in your controllers.
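One way to wire up what the answer describes in a CakePHP 2.x app, as an added example that is not part of the original post. Instead of putting the token in the URL, the logout is sent as a POST that the Security component validates. The controller name, the Auth and Session components, the file paths and the blackhole handler are assumptions.

```php
<?php
// app/Controller/UsersController.php (CakePHP 2.x layout assumed)
App::uses('AppController', 'Controller');

class UsersController extends AppController {

    // Security checks the token that FormHelper embeds in every POST form.
    // Auth and Session are assumed to be how this app tracks the login.
    public $components = array('Security', 'Auth', 'Session');

    public function beforeFilter() {
        parent::beforeFilter();
        // Method the component calls when a request fails validation.
        $this->Security->blackHoleCallback = 'blackhole';
    }

    public function logout() {
        // Refuse GET, so a plain link or an <img> tag on another site
        // cannot end the session. allowMethod() needs CakePHP 2.5+;
        // on 2.3/2.4 use $this->request->onlyAllow('post') instead.
        $this->request->allowMethod('post');
        return $this->redirect($this->Auth->logout());
    }

    public function blackhole($type) {
        // $type names the failed check (for example 'csrf' or 'auth').
        throw new BadRequestException('Request rejected: ' . $type);
    }
}

// In a view or layout file (.ctp), render the logout control with the
// Form helper so the token travels in a hidden field, not in the URL:
//
//   echo $this->Form->postLink(
//       'Log out',
//       array('controller' => 'users', 'action' => 'logout')
//   );
```

Keeping the token in a POST body rather than in the path means it does not end up in browser history, access logs or Referer headers.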