csrf-magic | Automatic CSRF protection for PHP applications | Hacking library

 by   ezyang PHP Version: Current License: BSD-2-Clause

kandi X-RAY | csrf-magic Summary

kandi X-RAY | csrf-magic Summary

csrf-magic is a PHP library typically used in Security, Hacking, Symfony applications. csrf-magic has no bugs, it has no vulnerabilities, it has a Permissive License and it has low support. You can download it from GitHub.

Add the following line to the top of all web-accessible PHP pages. If you have a common file included by everything, put it there. Do it, test it, then forget about it. csrf-magic is protecting you if nothing bad happens. Read on if you run into problems. csrf-magic has the ability to dynamically rewrite AJAX requests which use XMLHttpRequest. However, due to the invasiveness of this procedure, it is not enabled by default. You can enable it by adding this code before you include csrf-magic.php. (Be sure to place csrf-magic.js somewhere web accessible). The default method CSRF Magic uses to rewrite AJAX requests will only work for browsers with support for XmlHttpRequest.prototype (this excludes all versions of Internet Explorer). See this page for more information:
Support
    Quality
      Security
        License
          Reuse

            kandi-support Support

              csrf-magic has a low active ecosystem.
              It has 35 star(s) with 17 fork(s). There are 6 watchers for this library.
              OutlinedDot
              It had no major release in the last 6 months.
              There are 6 open issues and 7 have been closed. On average issues are closed in 55 days. There are 1 open pull requests and 0 closed requests.
              It has a neutral sentiment in the developer community.
              The latest version of csrf-magic is current.

            kandi-Quality Quality

              csrf-magic has 0 bugs and 0 code smells.

            kandi-Security Security

              csrf-magic has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.
              csrf-magic code analysis shows 0 unresolved vulnerabilities.
              There are 0 security hotspots that need review.

            kandi-License License

              csrf-magic is licensed under the BSD-2-Clause License. This license is Permissive.
              Permissive licenses have the least restrictions, and you can use them in most projects.

            kandi-Reuse Reuse

              csrf-magic releases are not available. You will need to build from source code and install.
              Installation instructions are not available. Examples and code snippets are available.
              csrf-magic saves you 105 person hours of effort in developing the same functionality from scratch.
              It has 268 lines of code, 16 functions and 10 files.
              It has low code complexity. Code complexity directly impacts maintainability of the code.

            Top functions reviewed by kandi - BETA

            kandi's functional review helps you automatically verify the functionalities of the libraries and avoid rework.
            Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of csrf-magic
            Get all kandi verified functions for this library.

            csrf-magic Key Features

            No Key Features are available at this moment for csrf-magic.

            csrf-magic Examples and Code Snippets

            No Code Snippets are available at this moment for csrf-magic.

            Community Discussions

            Trending Discussions on csrf-magic

            QUESTION

            socket.io, vTiger, and csrf-magic.js. CORS issues
            Asked 2021-Sep-22 at 19:55

            I'm attempting to create and add a socket.io module to my vTiger 7.0 so that I can update fields in real-time to multiple users.

            We are have issues with users changing fields that should be locked while our quality control is attempting to check the record. This is causes things to get approved that should not. Node.js with vTiger will be awesome add-on.

            The only problem is that vTiger uses csrf-magic.js to create a token that need to be included in the header to allow CORS

            I have the middleware setup in my node project to allow my vtiger to make a request

            vTiger is on vtiger.example.com

            The node server is on node.example.com:3010

            ...

            ANSWER

            Answered 2021-Sep-22 at 19:55

            Community Discussions, Code Snippets contain sources that include Stack Exchange Network

            Vulnerabilities

            No vulnerabilities reported

            Install csrf-magic

            You can download it from GitHub.
            PHP requires the Visual C runtime (CRT). The Microsoft Visual C++ Redistributable for Visual Studio 2019 is suitable for all these PHP versions, see visualstudio.microsoft.com. You MUST download the x86 CRT for PHP x86 builds and the x64 CRT for PHP x64 builds. The CRT installer supports the /quiet and /norestart command-line switches, so you can also script it.

            Support

            For any new features, suggestions and bugs create an issue on GitHub. If you have any questions check and ask questions on community page Stack Overflow .
            Find more information at:

            Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items

            Find more libraries
            CLONE
          • HTTPS

            https://github.com/ezyang/csrf-magic.git

          • CLI

            gh repo clone ezyang/csrf-magic

          • sshUrl

            git@github.com:ezyang/csrf-magic.git

          • Stay Updated

            Subscribe to our newsletter for trending solutions and developer bootcamps

            Agree to Sign up and Terms & Conditions

            Share this Page

            share link

            Explore Related Topics

            Consider Popular Hacking Libraries

            wifiphisher

            by wifiphisher

            routersploit

            by threat9

            XSStrike

            by s0md3v

            pwntools

            by Gallopsled

            Atmosphere

            by Atmosphere-NX

            Try Top Libraries by ezyang

            htmlpurifier

            by ezyangPHP

            git-ftp

            by ezyangPython

            convolution-visualizer

            by ezyangJavaScript

            ghstack

            by ezyangPython

            nvprof2json

            by ezyangPython