FORGEBOX Enterprise 🚀 - Take your ColdFusion (CFML) Development to Modern Times! Learn More...


v2.0.0 Public


If you are like me, you often forget to include a CSRF token in each form (csrfGenerateToken()) and to check for one in each of your handlers that handle the form submissions (csrfVerifyToken()). This interceptor checks for a CSRF token on all non-GET requests to help you out with this. (You will still need to add a csrfGenerateToken() call to your forms.)

If you find you need a handler to skip the CSRF token check, you can mark the method with the skipCSRFCheck metadata.

component {

	function handle( event, rc, prc ) skipCSRFCheck=true {



Dependencies (0)

Dev Dependencies (2)

$ box install verify-csrf-interceptor

No collaborators yet.
  • {{ getFullDate("2017-04-27T08:49:43Z") }}
  • {{ getFullDate("2020-01-06T07:34:06Z") }}
  • 2,108
  • 291