Browse Source

add csrf meta tag (for use with xhr, for example)

pull/356/head
glaszig 3 years ago
parent
commit
20bb9fe42f
  1. 9
      includes/functions.php
  2. 1
      index.php

9
includes/functions.php

@ -67,6 +67,15 @@ function CSRFToken()
<?php
}
/**
* Retuns a CSRF meta tag (for use with xhr, for example)
*/
function CSRFMetaTag()
{
$token = htmlspecialchars($_SESSION['csrf_token']);
return '<meta name="csrf_token" content="' . $token . '">';
}
/**
*
* Validate CSRF Token

1
index.php

@ -64,6 +64,7 @@ $theme_url = 'dist/css/'.htmlspecialchars($theme, ENT_QUOTES);
<html lang="en">
<head>
<meta charset="utf-8">
<?php echo CSRFMetaTag() ?>
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="description" content="">

Loading…
Cancel
Save