2017 © Pedro Peláez
 

library forman-csrf

CSRF protection plugin for shadowprince/forman

image

shadowprince/forman-csrf

CSRF protection plugin for shadowprince/forman

  • Thursday, October 24, 2013
  • by ShadowPrince
  • Repository
  • 1 Watchers
  • 0 Stars
  • 1 Installations
  • PHP
  • 0 Dependents
  • 0 Suggesters
  • 0 Forks
  • 0 Open issues
  • 2 Versions
  • 0 % Grown

The README.md

Forman-CSRF

Forman-Recaptcha - plugin for forman, adding automatic CSRF-protection for all forms. Plugin works at background, no code needed., (*1)

Mechanism

  • Generates and stores token at every form process
  • Compares token from form data and user cookies, if cookie not exist or not matches - field error will be added and verify (so process too) fails
  • Removes csrf_token from process result, so you'll not even notice

You can turn it off for one form

\Forman\CSRFPlugin::disable();
if ($data = $form->process($_POST)) {
    // now there is no CSRF
}
\Forman\CSRFPlugin::enable();

Or global

// somewhere in bootstrap
\Forman\CSRFPlugin::disableGlobal(); // so any enable() will not work now

The Versions

24/10 2013

dev-master

9999999-dev http://shadowprince.github.com/forman-csrf

CSRF protection plugin for shadowprince/forman

  Sources   Download

BSD

The Requires

 

by Vasiliy Horbachenko

component forms csrf slimext forman

24/10 2013

0.1

0.1.0.0 http://shadowprince.github.com/forman-csrf

CSRF protection plugin for shadowprince/forman

  Sources   Download

BSD

The Requires

 

by Vasiliy Horbachenko

component forms csrf slimext forman