iarv/znc
1
0
Fork 0
mirror of https://github.com/znc/znc.git synced 2026-05-09 23:04:47 +02:00
Code Issues Packages Projects Releases Wiki Activity

Allow modules to override CSRF protection.

Browse Source 
Useful for Web APIs and all other kinds of things.

API changes:
	- Added public CHTTPSock::GetURI() method
	- Added public CModule::ValidateWebRequestCSRFCheck() method
	- Made CWebSock::GetCSRFCheck() method public so it can be accessed
	  from CModule
	- Added public CWebSock::ValidateCSRFCheck() method

Other changes:
	- Added a Sample Web API module (modules/samplewebapi.cpp) and a
	  simple web form with no CSRF check.

Implements feature request #1180.
This commit is contained in:
Latchezar Tzvetkoff
2016-07-15 18:01:41 +03:00
committed by lol768
parent 222ae86fcc
commit a9a7f17910
8 changed files with 111 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
modules/data/samplewebapi/tmpl/index.tmpl
+21
View File
@@ -0,0 +1,21 @@
<? INC Header.tmpl ?>
<form method="post" action="<? VAR URIPrefix TOP ?><? VAR ModPath ?>">
<div class="section">
<h3>Sample Web API</h3>
<div class="sectionbg">
<div class="sectionbody">
<div class="subsection full">
<div class="inputlabel">Text:</div>
<textarea name="text" cols="70" rows="5" class="monospace"></textarea>
<br /><span class="info">Sample text that will be returned plain on submit/API request.</span>
</div>
<div class="subsection submitline">
<input type="submit" name="submit" value="Submit" />
</div>
</div>
</div>
</div>
</form>
<? INC Footer.tmpl ?>