FORGEBOX Enterprise 🚀 - Take your ColdFusion (CFML) Development to Modern Times! Learn More...

verify-csrf-interceptor

v2.0.0 Public

verify-csrf-interceptor

If you are like me, you often forget to include a CSRF token in each form (csrfGenerateToken()) and to check for one in each of your handlers that handle the form submissions (csrfVerifyToken()). This interceptor checks for a CSRF token on all non-GET requests to help you out with this. (You will still need to add a csrfGenerateToken() call to your forms.)

If you find you need a handler to skip the CSRF token check, you can mark the method with the skipCSRFCheck metadata.

component {

	function handle( event, rc, prc ) skipCSRFCheck=true {

	}

}

Here are all the versions for this package. Please note that you can leverage CommandBox package versioning to install any package you like. Please refer to our managing package version guide for more information.

Version Created Last Update Published By Stable Actions
Current
2.0.0 Jan 06 2020 07:34 AM Jan 06 2020 07:34 AM
Version History
1.0.2 Aug 26 2019 11:52 AM Aug 26 2019 11:52 AM
1.0.1 Sep 04 2017 10:29 AM Sep 04 2017 10:29 AM
1.0.0 Apr 27 2017 08:49 AM Apr 27 2017 08:49 AM

 

$ box install verify-csrf-interceptor

No collaborators yet.
     
  • Apr 27 2017 08:49 AM
  • Jan 06 2020 07:34 AM
  • 974
  • 0
  • 90