FORGEBOX Enterprise 🚀 - Take your ColdFusion (CFML) Development to Modern Times! Learn More...

verify-csrf-interceptor

v1.0.2 Public

verify-csrf-interceptor

If you are like me, you often forget to include a CSRF token in each form (csrfGenerateToken()) and to check for one in each of your handlers that handle the form submissions (csrfVerifyToken()). This interceptor checks for a CSRF token on all non-GET requests to help you out with this. (You will still need to add a csrfGenerateToken() call to your forms.)

If you find you need a handler to skip the CSRF token check, you can mark the method with the skipCSRFCheck metadata.

component {

	function handle( event, rc, prc ) skipCSRFCheck=true {

	}

}

Here are all the versions for this package. Please note that you can leverage CommandBox package versioning to install any package you like. Please refer to our managing package version guide for more information.

Version Created Last Update Published By Stable Actions
Current
1.0.2 Aug 26 2019 11:52 AM Aug 26 2019 11:52 AM
Version History
1.0.1 Sep 04 2017 10:29 AM Sep 04 2017 10:29 AM
1.0.0 Apr 27 2017 08:49 AM Apr 27 2017 08:49 AM

 

No collaborators yet.
     
  • Apr 27 2017 08:49 AM
  • Aug 26 2019 11:52 AM
  • 766
  • 0
  • 49