PerlMonks
Re: Dancer2 per-window sessions? (just another variable, url rewriting, form nonce token, xsrf csrf)
by Anonymous Monk on Jul 02, 2019 at 07:47 UTC ( [id://11102291]=note )
It's like a session id within a session id :) a nonce appended to links/forms to prevent replay attacks and session riding... CSRF ... https://www.owasp.org/index.php/Session_Management#Page_and_Form_Tokens , Cryptographic nonce, Plack::Middleware::CSRFBlock, Dancer2::Plugin::CSRF, Mojolicious::Plugin::DeCSRF, ...

/foo/newnew .... issues a new nonce for the stack

All the links are nonced /foo/nonce/view/id or some such
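The per-window nonce scheme sketched in the reply above, as an added example that is not part of the original post and does not use the API of Dancer2 or any of the modules it lists. The `%SESSION` hash, the function names and the session id are hypothetical stand-ins, and the code assumes a Unix-like host with `/dev/urandom`.

```perl
use strict;
use warnings;

# Constructed stand-in for the server-side session store, keyed by session id.
my %SESSION = ( 'sess-constructed-1' => { windows => {} } );

# 128 bits from the kernel CSPRNG, hex-encoded so it is safe in a URL path.
sub new_nonce {
    open my $fh, '<:raw', '/dev/urandom' or die "urandom: $!";
    read( $fh, my $buf, 16 ) == 16 or die "short read from /dev/urandom";
    close $fh;
    return unpack 'H*', $buf;
}

# What /foo/newnew does: start a fresh stack inside an existing session.
sub open_window {
    my ($sid) = @_;
    my $session = $SESSION{$sid} or die "unknown session";
    my $nonce = new_nonce();
    $session->{windows}{$nonce} = { stack => [] };
    return $nonce;
}

# Every link the window renders carries its nonce: /foo/<nonce>/view/<id>
sub link_for {
    my ( $nonce, $action, $id ) = @_;
    return "/foo/$nonce/$action/$id";
}

# Map a request to its window state; undef means reject the request.
sub window_for {
    my ( $sid, $path ) = @_;
    my ($nonce) = $path =~ m{\A/foo/([0-9a-f]{32})/} or return;
    my $session = $SESSION{$sid} or return;
    return $session->{windows}{$nonce};
}

my $sid = 'sess-constructed-1';
my ( $win_a, $win_b ) = ( open_window($sid), open_window($sid) );
push @{ window_for( $sid, link_for( $win_a, 'view', 7 ) )->{stack} }, 'item 7';
push @{ window_for( $sid, link_for( $win_b, 'view', 9 ) )->{stack} }, 'item 9';

printf "window A stack: %s\n", join ',', @{ $SESSION{$sid}{windows}{$win_a}{stack} };
printf "window B stack: %s\n", join ',', @{ $SESSION{$sid}{windows}{$win_b}{stack} };

# A forged link without a valid nonce resolves to no window and is refused.
my $forged = link_for( '0' x 32, 'view', 7 );
print "forged link: ", ( window_for( $sid, $forged ) ? "accepted" : "rejected" ), "\n";
```

The nonce is only meaningful together with the session cookie, so a cross-site request that rides the cookie still fails unless it also carries a nonce that was issued to one of that session's windows.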