@pavelsr
Created April 12, 2020 23:46
Yancy submit form using jquery.post - bypass of CSRF token validation failed
#!/usr/bin/env perl
# Demo of the 'CSRF token validation failed' error bypass using jquery.post and serializing form data as JSON
use Mojolicious::Lite;
use Mojo::SQLite;
# Shared Mojo::SQLite handle for the whole app. The database file lives in
# the application home directory and the connection is built once, on the
# first call of the helper.
helper sqlite => sub {
    state $db = Mojo::SQLite->new( 'sqlite:' . app->home->child('data.db') );
    return $db;
};
# Load the migrations from the __DATA__ "migrations" section and let
# Mojo::SQLite apply any pending ones automatically on first connection.
my $migrations = app->sqlite->auto_migrate(1)->migrations;
$migrations->from_data;

# Yancy derives its schema from the SQLite tables (read_schema) instead of a
# hand-written schema config.
# NOTE(review): nothing in this file restricts access to the editor or API
# routes that the plugin mounts; the demo relies on Yancy's defaults —
# confirm they are protected in the installed version before reusing this.
plugin Yancy => {
    backend     => { Sqlite => app->sqlite },
    read_schema => 1,
};
# Landing page carrying the demo form (see the index.html.ep template in
# __DATA__).
get '/' => sub {
    my $c = shift;
    $c->render( template => 'index' );
};
# Wire Yancy's generic controller actions to the "users" table:
#   POST /cu  -> yancy#set  (create or update a row)
#   GET  /lu  -> yancy#list (list rows)
# NOTE(review): neither route carries an authentication condition, and the
# generic set action appears to accept any schema property the client sends
# (the form only renders email/password, but is_admin is also a column in
# the migration) — confirm the intended restrictions before reusing this
# outside the demo.
my $r = app->routes;
$r->post('/cu')->to( controller => 'yancy', action => 'set',  schema => 'users' );
$r->get('/lu')->to( controller => 'yancy', action => 'list', schema => 'users' );

app->start;
__DATA__
@@ migrations
-- 1 up
-- Demo schema: a single table that Yancy picks up via read_schema.
CREATE TABLE users (
id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL,
email VARCHAR UNIQUE,
is_admin BOOLEAN DEFAULT FALSE,
-- NOTE(review): nothing in this file marks this column as a password field
-- or hashes it, so values are stored as submitted — confirm before reuse.
password VARCHAR
);
@@ index.html.ep
% layout 'default';
% title 'Demo of issue #95';
%= app->yancy->form->form_for( 'users', properties => [ qw/email password/ ], action => '/cu' )
<script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js" crossorigin="anonymous"></script>
<script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/jquery.serializeJSON/2.9.0/jquery.serializejson.min.js" crossorigin="anonymous"></script>
<script type="text/javascript">
// Intercept the Yancy-generated form and submit it via XHR instead of a
// regular POST, so the server's reply can be inspected in the console.
// NOTE(review): the zero-delay setTimeout wrapper around the ready handler
// has no visible purpose in this file — confirm whether it is needed.
setTimeout(function () {
$(document).ready(function() {
$( "form" ).submit(function(e){
e.preventDefault();
// serializeJSON() returns a plain object, which $.post sends as
// application/x-www-form-urlencoded; the trailing "json" argument only
// declares the expected *response* type, so the request body is not JSON
// despite the file comment. If form_for emits a hidden csrf_token input,
// it is serialized together with the other fields and travels with the
// request — the token should stay in the request rather than the server
// check being relaxed.
$.post( "/cu", $('form').serializeJSON(), function( response ) {
console.log( response );
}, "json");
});
});
}, 0);
</script>
@@ layouts/default.html.ep
<!DOCTYPE html>
<html>
<head><title><%= title %></title></head>
<body><%= content %></body>
</html>