Skip to content

Instantly share code, notes, and snippets.

@brianmed

brianmed/Json_csrf.txt

Created June 9, 2016 16:20
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save brianmed/90ea5d08ea5b50d9f292aba53de52d6d to your computer and use it in GitHub Desktop.
Save brianmed/90ea5d08ea5b50d9f292aba53de52d6d to your computer and use it in GitHub Desktop.
Download ZIP
Csrf with json
Raw
Json_csrf.txt
beforeSend: function(req) {
req.setRequestHeader('X-CSRF-Token', "<%= csrf_token %>");
}
...
my $c = shift;
return($c->render(json => {success => 0, message => "No JSON found" })) unless $c->req->json;
$c->req->json->{csrf_token} = $c->req->headers->header('X-CSRF-Token');
my $validation = $c->validation->input($c->req->json);
return $c->render(json => {success => 0, message => "CSRF token invalid"})
if $validation->csrf_protect->has_error('csrf_token');
$validation->required('account_email', 'trim')->email;
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment