|
|
|
|
Synopsis |
|
|
|
Documentation |
|
|
Create view processor for implementing signed cookies.
Pass a secret string (used for hashing), and apply the resulting function
as a view processor.
|
|
|
CSRF protection
Provides a view processor function and other utility functions for protecting
against CSRF using a cookie. It sets a cookie to a random value, provides a
function for adding tokens based on the value to outgoing forms, making them
unique to each user, and requires incoming POST requests to have the same
token.
| Constructors | CSRFProtection | | csrfViewProcessor :: View -> View | view processor that stops requests
without the CSRF token and sets an outgoing
cookie.
| csrfTokenField :: Request -> String | function that returns a hidden
input field to be inserted into
forms.
| csrfTokenName :: String | name to use for CSRF token in forms
| csrfTokenValue :: Request -> String | Returns the raw CSRF token
for a given request
|
|
|
|
|
|
:: Cookie | cookie used for basis of CSRF cookie, must have at least name set, value and expires will be overwritten
| -> View | view to be used for rejects
| -> String | secret string used for hashing
| -> CSRFProtection | | Creates a CSRFProtection object for the supplied options.
|
|
|
|
|
Produced by Haddock version 2.4.2 |