Mojolicious-Plugin-WithCSRFProtection
view release on metacpan or search on metacpan
Mojolicious routes that normally just cause the route matching to fail and
alternative subsequent routes to be evaluated, but immediately returning an
error response makes sense for a failed CSRF check. The actual error rendering
is performed by the `reply.bad_csrf` helper that this plugin installs, and if
you want different error output you should override that helper.
# EXAMPLES
## A Mojolicious::Lite application
Here's a simple Mojolicious application that I can run on my desktop computer
that creates a very simple web interface to adding things to do to my
`todo.txt`.
Because I don't want anyone web page on the internet to be able to tell my
browser to add whatever that web page feels like to my todo list, I add CSRF
protection with the `with_csrf_protection => 1` condition to the POST.
#!/usr/bin/perl
use Mojolicious::Lite;
lib/Mojolicious/Plugin/WithCSRFProtection.pm view on Meta::CPAN
Mojolicious routes that normally just cause the route matching to fail and
alternative subsequent routes to be evaluated, but immediately returning an
error response makes sense for a failed CSRF check. The actual error rendering
is performed by the C<reply.bad_csrf> helper that this plugin installs, and if
you want different error output you should override that helper.
=head1 EXAMPLES
=head2 A Mojolicious::Lite application
Here's a simple Mojolicious application that I can run on my desktop computer
that creates a very simple web interface to adding things to do to my
C<todo.txt>.
Because I don't want anyone web page on the internet to be able to tell my
browser to add whatever that web page feels like to my todo list, I add CSRF
protection with the C<< with_csrf_protection => 1 >> condition to the POST.
#!/usr/bin/perl
use Mojolicious::Lite;
( run in 0.242 second using v1.01-cache-2.11-cpan-299005ec8e3 )