Package: wnpp
Owner: Michael Stapelberg <[email protected]>
Severity: wishlist
X-Debbugs-CC: [email protected],[email protected]

* Package name    : libplack-middleware-csrfblock-perl
  Version         : 0.03
  Upstream Author : Rintaro Ishizaki <[email protected]>
* URL             : http://search.cpan.org/dist/Plack-Middleware-CSRFBlock/
* License         : Artistic or GPL-1+
  Programming Lang: Perl
  Description     : Plack middleware to block CSRF (cross-site request forgery)

This middleware blocks CSRF. You can use this middleware without any
modifications to your application, in most cases.

When the application response content-type is "text/html" or
"application/xhtml+xml", this middleware inserts a hidden input tag that
contains a token string into all POST-forms found in the response body.

For every POST requests, this middleware ensures that the input parameters
contain the collect token parameter. If not found, the middleware throws an
HTTP error 403 (Forbidden) and the forged request does not even reach your
application.



-- 
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

Reply via email to