FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian Development

 
 
LinkBack Thread Tools
 
Old 07-03-2012, 11:10 AM
Michael Stapelberg
 
Default Bug#680071: ITP: libplack-middleware-csrfblock-perl -- Plack middleware to block CSRF (cross-site request forgery)

Package: wnpp
Owner: Michael Stapelberg <stapelberg@debian.org>
Severity: wishlist
X-Debbugs-CC: debian-devel@lists.debian.org,debian-perl@lists.debian.org

* Package name : libplack-middleware-csrfblock-perl
Version : 0.03
Upstream Author : Rintaro Ishizaki <rintaro@cpan.org>
* URL : http://search.cpan.org/dist/Plack-Middleware-CSRFBlock/
* License : Artistic or GPL-1+
Programming Lang: Perl
Description : Plack middleware to block CSRF (cross-site request forgery)

This middleware blocks CSRF. You can use this middleware without any
modifications to your application, in most cases.

When the application response content-type is "text/html" or
"application/xhtml+xml", this middleware inserts a hidden input tag that
contains a token string into all POST-forms found in the response body.

For every POST requests, this middleware ensures that the input parameters
contain the collect token parameter. If not found, the middleware throws an
HTTP error 403 (Forbidden) and the forged request does not even reach your
application.



--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20120703111010.873DB3EAB2A@midna.zekjur.net">http://lists.debian.org/20120703111010.873DB3EAB2A@midna.zekjur.net
 

Thread Tools




All times are GMT. The time now is 02:32 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org