2017 © Pedro Peláez
 

library psr7-csrf-middleware

Stateless PSR-7 CSRF (Cross-Site Request Forgery) protection middleware - simple Slim Framework 3 integration.

schnittstabil/psr7-csrf-middleware

  • Friday, February 24, 2017
  • by schnittstabil
  • Repository
  • 1 Watchers
  • 6 Stars
  • 34,249 Installations
  • PHP
  • 1 Dependents
  • 0 Suggesters
  • 1 Forks
  • 1 Open issues
  • 9 Versions
  • 0 % Grown

The README.md

Psr7\Csrf\Middleware

Stateless PSR-7 CSRF (Cross-Site Request Forgery) protection middleware

Install

$ composer require schnittstabil/psr7-csrf-middleware

Usage

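<?php
require __DIR__.'/vendor/autoload.php';
// Namespace assumed from the package name; the import line is missing from this copy of the README.
use Schnittstabil\Psr7\Csrf\MiddlewareBuilder as CsrfMiddlewareBuilder;

// Shared secret key used for generating and validating CSRF tokens.
$key = 'This key is not so secret - change it!';

// Build a stateless Synchronizer Token Pattern CSRF protection middleware.
$csrfMiddleware = CsrfMiddlewareBuilder::create($key)
    ->buildSynchronizerTokenPatternMiddleware();

/*
 * Build a (AngularJS compatible) stateless Cookie-To-Header CSRF protection middleware.
 *
 * Requires additional dependency:
 *     composer require dflydev/fig-cookies
 */
$csrfMiddleware = CsrfMiddlewareBuilder::create($key)
    ->buildCookieToHeaderMiddleware();
?>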

Slim v3 Example

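<?php
require __DIR__.'/vendor/autoload.php';

use Psr\Http\Message\RequestInterface;
use Psr\Http\Message\ResponseInterface;
// Namespace assumed from the package name; the import line is missing from this copy of the README.
use Schnittstabil\Psr7\Csrf\MiddlewareBuilder as CsrfMiddlewareBuilder;

$app = new \Slim\App();

/*
 * CSRF protection setup
 */
$app->getContainer()['csrf_token_name'] = 'X-XSRF-TOKEN';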
$app->getContainer()['csrf'] = function ($c) {
    $key = 'This key is not so secret - change it!';

    return CsrfMiddlewareBuilder::create($key)
        ->buildSynchronizerTokenPatternMiddleware($c['csrf_token_name']);
};
$app->add('csrf');

/*
 * GET routes are not protected (by default)
 */
$app->get('/', function (RequestInterface $request, ResponseInterface $response) {
    $name = $this->csrf_token_name;
    $token = $this->csrf->getTokenService()->generate();

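    // render HTML: emit the token as a hidden form field
    // (the markup was stripped from this copy; reconstructed from $name and $token)
    $response = $response->write(sprintf(
        '<input type="hidden" name="%s" value="%s" />',
        htmlspecialchars($name),
        htmlspecialchars($token)
    ));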

    return $response->write('successfully GET!');
});

/*
 * POST routes are protected (by default; same applies to PUT, DELETE and PATCH)
 */
$app->post('/', function (RequestInterface $request, ResponseInterface $response) {
    return $response->write('successfully POST');
});

/*
 * Run application
 */
$app->run();
?>

License

MIT © Michael Mayer

The Versions

24/02 2017

dev-master

9999999-dev https://github.com/schnittstabil/psr7-csrf-middleware

MIT

middleware psr psr-7 psr7 angularjs hmac slim expressive csrf stateless xsrf cross-site request forgery session riding stratigility