anti-csrf
anti-csrf copied to clipboard
paragonie
Full-Featured Anti-CSRF Library
Thanks for your awesome library works great with forms but not well with Ajax request and here's what i mean. An example has been sighted https://github.com/paragonie/anti-csrf/issues/15 If i had an...
Hello, First of all, thank you for the quality library. I rarely have such a high confidence level for a PHP library after perusing its code. This is probably a...
If I use the readme example: ``` use \ParagonIE\AntiCSRF\AntiCSRF; $twigEnv->addFunction( new \Twig_SimpleFunction( 'form_token', function($lock_to = null) { static $csrf; if ($csrf === null) { $csrf = new AntiCSRF; } return...
Inputs on form, ``` ``` Session variables dumped at the end of page, ``` array(1) { ["CSRF"]=> array(1) { ["v6Dzi3KrRDV68kNdPFCES+UU"]=> array(4) { ["created"]=> int(20160114152843) ["uri"]=> string(1) "/" ["token"]=> string(44) "T0kXM8I9nzUFv3w7flJTlbOjFa1OEMNR+5xwnHvpqr4="...
Switch has only single case, it is replaced with 'if'. Add '?\DateInterval' as the property's type of $tokenLifetime
It seems to me that one could generate just one 'token' string, and use that as the index for the array stored in the session which holds the token data....
