NAME

Ark::Plugin::CSRFDefender - CSRF Defender for Ark

SYNOPSIS

use Ark::Plugin::CSRFDefender;
# lib/MyApp.pm
use_plugins qw(
    CSRFDefender
);

# lib/MyApp/Controller/Root.pm
sub auto :Private {
    my ($self, $c) = @_;

    if (!$c->validate_csrf_token) {
        $self->res->code(403);
        $self->res->body("CSRF ERROR");
        $self->detach;
    }

    ...;

}

# lib/MyApp/View/Xslate.pm
sub render {
    my ($self, $template) = @_;
    my $c = $self->context;

    my $html = $self->xslate->render($template);
    $html = $c->html_filter_for_csrf($html);

    return $html;
}

CONFIGURATIONS

filter_form

validate_only

METHODS

$c->csrf_token -> Str

$c->validate_csrf_token -> Bool

$c->html_filter_for_csrf($html) -> Str

SEE ALSO

Amon2::Plugin::Web::CSRFDefender, Mojolicious::Plugin::CSRFDefender