|
|
|
|
| Synopsis |
|
|
|
| Documentation |
|
|
| Create view processor for implementing signed cookies.
Pass a secret string (used for hashing), and apply the resulting function
as a view processor.
|
|
|
CSRF protection
Provides a view processor function and other utility functions for protecting
against CSRF using a cookie. It sets a cookie to a random value, provides a
function for adding tokens based on the value to outgoing forms, making them
unique to each user, and requires incoming POST requests to have the same
token.
| | Constructors | | CSRFProtection | | | csrfViewProcessor :: View -> View | view processor that stops requests
without the CSRF token and sets an outgoing
cookie.
| | csrfTokenField :: Request -> String | function that returns a hidden
input field to be inserted into
forms.
| | csrfTokenName :: String | name to use for CSRF token in forms
| | csrfTokenValue :: Request -> String | Returns the raw CSRF token
for a given request
|
|
|
|
|
|
| :: Cookie | cookie used for basis of CSRF cookie, must have at least name set, value and expires will be overwritten
| | -> View | view to be used for rejects
| | -> String | secret string used for hashing
| | -> CSRFProtection | | | Creates a CSRFProtection object for the supplied options.
|
|
|
|
|
| Produced by Haddock version 2.4.2 |
