csrf-magic
csrf-magic copied to clipboard
ezyang
Automatic CSRF protection for PHP applications
I am Posting csrf with multipart form data, but not able to verify csrf token in that case.
v1.1.0
Bug Fixes - In some server environments, being behind a load balancer and enabling IP restrictions would be ineffective as other users would all appear to be from the same...
Is this repository authoritative? There are no tags/releases here and the version of the _csrf-magic_ here is apparently still [1.0.4](https://github.com/ezyang/csrf-magic/blob/master/csrf-magic.php#L134) while [http://repo.or.cz/csrf-magic.git](http://repo.or.cz/csrf-magic.git/shortlog) have 1.0.5. Is there a chance to merge...
Reading through the source code https://github.com/ezyang/csrf-magic/blob/7d3527a515471d94d35c3cbc26bc1c70ad25b4e9/csrf-magic.php#L306-L324 I was wondering how to use the key or user feature. Could you provide an example of how to create a static secret to...
After upgrading from 1.0.1 to 1.0.4, file uploads are no longer possible. It seems the JS scrambles the form data somehow. On the server side, $ _ REQUEST and $...
About half the time I find "junk" in my request payload. Naturally, the site I am communicating with complains. {"message": "Unsupported JSON format : Could not create a JSON event...
I am having a problem combining csrf-magic and jquery-file-upload by blueimp. When trying to send the files (i.e. send the upload form), the csrf-magic.js prepends the data with it's token....
I was loading Google map JS to my app. It was making calls using XMLHttpRequest due to override in csrf-magic token was getting injected and corrupting the request expectation.
