aboutsummaryrefslogtreecommitdiff
path: root/www/p5-Catalyst-Plugin-FormCanary
Commit message (Collapse)AuthorAgeFilesLines
* Welcome bsd.perl.mk. Add support for constructs such as USE_PERL5=5.8.0+.Mark Linimon2007-09-081-6/+2
| | | | | | | | | | | Drop support for antique perl. Work done by: gabor Sponsored by: Google Summer of Code 2007 Hat: portmgr Notes: svn path=/head/; revision=199069
* FormCanary will examine your outgoing HTML and add a canary value toLars Balker Rasmussen2007-06-194-0/+58
each form. When the form is submitted, the value of the canary is com- pared against one saved in the session at page generation time. If the canary that's sent doesn't match the one in the session (or there is no canary at all), the request is halted. There is no way to get params into your application without a correct canary. This is good for preventing "cross-site request attacks". This module is compatible with FormBuilder. Just drop it into your use line and have secure submit-once-only forms. Yay. Inspired by: http://www.25hoursaday.com/weblog/2007/06/05/WhatRubyOnRailsCanLearnFromASPNET.a spx Notes: svn path=/head/; revision=193874