Index

$#! · 0-9 · A · B · C · D · E · F · G · H · I · J · K · L · M · N · O · P · Q · R · S · T · U · V · W · X · Y · Z

A
	authorisePost
C
$	config
$	cookieExpiryTime
	createNewJsCache
	csrfprotector.php
F
	failedValidationAction
	Functions
G
	generateAuthToken
	getCurrentUrl
I
	init
$	isSameOrigin
	isURLallowed
$	isValidHTML
L
	logCSRFattack
M
	modifyURL
O
	ob_handler
R
	refreshToken
$	requestType
	rewriteHTML
U
	useCachedVersion
V
	Variables

public static function authorisePost()

function to authorise incoming post requests

public static $config

config file for CSRFProtector @var int Array, length = 6 Property: #1: failedAuthAction (int) => action to be taken in case autherisation fails Property: #2: logDirectory (string) => directory in which log will be saved Property: #3: customErrorMessage (string) => custom error message to be sent in case of failed authentication Property: #4: jsFile (string) => location of the CSRFProtector js file Property: #5: tokenLength (int) => default length of hash Property: #6: disabledJavascriptMessage (string) => error message if client’s js is disabled

public static $cookieExpiryTime

expiry time for cookie @var int

public static function createNewJsCache()

Function to create new cache version of js

private static function failedValidationAction()

function to be called in case of failed validation performs logging and take appropriate action

public static function generateAuthToken()

function to generate random hash of length as given in parameter max length = 128

private static function getCurrentUrl()

Function to return current url of executing page

public static function init( $length = null,
$action = null )

function to initialise the csrfProtector work flow

private static $isSameOrigin

flag for cross origin/same origin request @var bool

public static function isURLallowed( $url )

Function to check if a url mataches for any urls Listed in config file

private static $isValidHTML

flag to check if output file is a valid HTML or not @var bool

private static function logCSRFattack()

Functio to log CSRF Attack

public static function modifyURL( $url,
$token )

Function to modify url & append CSRF token

public static function ob_handler( $buffer,
$flags )

Rewrites form on the fly to add CSRF tokens to them.

public static function refreshToken()

Function to set auth cookie

protected static $requestType

Varaible to store weather request type is post or get @var string

public static function rewriteHTML( $buffer )

Function to perform static rewriting of forms and URLS

public static function useCachedVersion()

function to check weather to use cached version of js file or not