csrf icon indicating copy to clipboard operation
csrf copied to clipboard

verified publisher icon yiisoft

Metadata

PSR-15 middleware implementing CSRF protection

Results 7 csrf issues
Sort by recently updated
recently updated
newest added

Update README.md

luizcmarin avatar luizcmarin

Remove `psalm83.xml` after raising PHP version to `8.3`

vjik avatar vjik

Whether the package needs to be updated according to OWASP?

2 comment

In the documentation you refer to [OWASP](https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html): now only `Synchronizer Token Pattern` and `Double Submit Cookie` are actual there. `HMAC Based Token Pattern` and `Encryption based Token Pattern` were removed....

solventt avatar solventt

severity:security

Add lifetime to synchronizer token

vjik avatar vjik

type:enhancement

added option to control body parsing

2 comment

| Q | A | ------------- | --- | Is bugfix? | ❌ | New feature? | ✔️ | Breaks BC? | ❌ Example for #65

olegbaturin avatar olegbaturin

status:under discussion

Add Custom Request Headers for AJAX/API

4 comment

https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html#employing-custom-request-headers-for-ajaxapi

olegbaturin avatar olegbaturin

Mark `SessionCsrfTokenStorage` as final

vjik avatar vjik

Metadata

24
Stars
8
Forks
Watchers

Owner

verified publisher icon yiisoft

Metadata

PSR-15 middleware implementing CSRF protection

Back