Provide a framework for CSRF protection, with tests.
Add CSRF protection to Asset editSave, AssetManager, VersionTags and Group operations.
This commit is contained in:
Colin Kuskie
parent
4664ab7035
commit
5e4db3adb4
19 changed files with 362 additions and 62 deletions
|
|
@ -102,6 +102,20 @@ sub addTab {
|
|||
return $self->{_tab}{$name}{form};
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
|
||||
=head2 csrfToken ( )
|
||||
|
||||
Adds the WebGUI CSRF token to the form. Really a wrapper for WebGUI::Form::CsrfToken.
|
||||
|
||||
=cut
|
||||
|
||||
sub csrfToken {
|
||||
my $self = shift;
|
||||
$self->{_hidden} .= WebGUI::Form::CsrfToken($self->session);
|
||||
}
|
||||
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
|
||||
=head2 formHeader ( hashRef )
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue