Skip to content

Instantly share code, notes, and snippets.

@bcswartz

bcswartz/modelGlue.xml

Created November 23, 2017 20:11
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save bcswartz/7bafa12518eeb849da36b4860bba1538 to your computer and use it in GitHub Desktop.
Save bcswartz/7bafa12518eeb849da36b4860bba1538 to your computer and use it in GitHub Desktop.
Download ZIP
CSRF protection example in a ModelGlue-based ColdFusion app, part 2
Raw
modelGlue.xml
<event-types>
<event-type name="permitted">
<before>
<broadcasts>
<message name="checkAuthorization" />
<message name="secureTransmissionURL" />
</broadcasts>
<results>
...<!--Whatever you do if user is not authenticated yet-->
</results>
</before>
</event-type>
<event-type name="validateTransmission">
<before>
<broadcasts>
<message name="validateTransmissionURL" />
</broadcasts>
<results>
<result name="invalidTransmission" append="validationProblem" do="invalidTransmission" redirect="true" />
</results>
</before>
</event-type>
</event-types>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment