Masayuki Matsuki
and 11 contributors

NAME

Ark::Plugin::CSRFDefender - CSRF Defender for Ark

SYNOPSIS

    use Ark::Plugin::CSRFDefender;
    # lib/MyApp.pm
    use_plugins qw(
        CSRFDefender
    );

    # lib/MyApp/Controller/Root.pm
    sub auto :Private {
        my ($self, $c) = @_;

        if (!$c->validate_csrf_token) {
            $self->res->code(403);
            $self->res->body("CSRF ERROR");
            $self->detach;
        }

        ...;

    }

    # lib/MyApp/View/Xslate.pm
    sub render {
        my ($self, $template) = @_;
        my $c = $self->context;

        my $html = $self->xslate->render($template);
        $html = $c->html_filter_for_csrf($html);

        return $html;
    }

CONFIGURATIONS

filter_form

validate_only

METHODS

$c->csrf_token -> Str

$c->validate_csrf_token -> Bool

$c->html_filter_for_csrf($html) -> Str

SEE ALSO

Amon2::Plugin::Web::CSRFDefender, Mojolicious::Plugin::CSRFDefender