hovensoft / duskphp-middleware
A middleware 's collection
Requires
- php: >=7.1.0
- http-interop/http-middleware: ^0.4.1
- psr/http-message: ^1.0
Requires (Dev)
- friendsofphp/php-cs-fixer: ^2.5
- phpunit/phpunit: ~6.2.0
- satooshi/php-coveralls: ^1.0
- squizlabs/php_codesniffer: ^3.0
This package is auto-updated.
Last update: 2024-12-08 19:55:48 UTC
README
Provide middleware:
- a CSRF authenticator which protect against CSRF attack with a token authentication
How to use
- ## CSRF Authenticator How to use it ?
This middleware check every POST, PUT and DELETE request for a CSRF token.
$middleware = new CsrfMiddleware($_SESSION, 200); $dispatcher->pipe($middleware);
Input
The middleware check if the string <:csrf_token_field:> is in response and replace it with
the authenticator's token.
<form action="" method="post"> ... <:csrf_token_field:> </form>
LICENSE
DuskPHP - A simple PHP framework build with middleware pattern
Copyright (C) 2017 HovenSoft
This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or any later version
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program. If not, see www.gnu.org/licenses.