[cgiapp] Fw: FormKeys / Nonce
Mark Rajcok
mrajcok at gmail.com
Wed Sep 1 10:34:07 EDT 2010
On Mon, Jul 19, 2010 at 11:52 AM, Todd Ross <tar.lists at yahoo.com> wrote:
> Is anyone successfully using CGI::Application::Plugin::ProtectCSRF?
> Todd
Hi Todd,
Sorry for the very late reply, but this thread discusses my attempt at
using ProtectCSRF, and should be useful to anyone else looking to add
CSRF to a CGI-App:
http://www.mail-archive.com/cgiapp@lists.openlib.org/msg08075.html
Basically, ProtectCSRF has issues when a form is redisplayed because
of validation errors. I ended up writing my own plugin module (it is
not on CPAN, since it looks a private data of ValidateRM).
-- Mark
> ----- Forwarded Message ----
> From: Todd Ross <tar.lists at yahoo.com>
> To: Michael Peters <mpeters at plusthree.com>
> Sent: Mon, July 19, 2010 10:48:30 AM
> Subject: Re: [cgiapp] FormKeys / Nonce
>
>
> Thanks for the reference Michael.
>
> Unfortunately, I can't even get the module installed, so it's difficult for me
> to evaluate.
More information about the cgiapp
mailing list