[英]How to use Plack::Middleware::CSRFBlock with Dancer?
我想通過Dancer保護所有形式免受CSRF的侵害。
我嘗試使用Plack::Middleware::CSRFBlock ,但是錯誤顯示“ CSRFBlock需要會話”。 即使我使用Plack::Session ,窗體也沒有包含一個時間標記的隱藏輸入字段。
有什么好的做法嗎? 任何建議,不勝感激。
我的environment/development.yml是:
# configuration file for development environment
# the logger engine to use
# console: log messages to STDOUT (your console where you started the
# application server)
# file: log message to a file in log/
logger: "console"
# the log level for this environment
# core is the lowest, it shows Dancer's core log messages as well as yours
# (debug, info, warning and error)
log: "core"
# should Dancer consider warnings as critical errors?
warnings: 1
# should Dancer show a stacktrace when an error is caught?
show_errors: 1
# auto_reload is a development and experimental feature
# you should enable it by yourself if you want it
# Module::Refresh is needed
#
# Be aware it's unstable and may cause a memory leak.
# DO NOT EVER USE THIS FEATURE IN PRODUCTION
# OR TINY KITTENS SHALL DIE WITH LOTS OF SUFFERING
auto_reload: 0
session: Simple
#session: YAML
plack_middlewares:
-
#- Session
- CSRFBlock
- Debug
- panels
-
- Parameters
- Dancer::Version
- Dancer::Settings
- Memory
路線是:
get '/test' => sub {
return <<EOM
<!DOCTYPE html>
<html>
<head><title>test route</title></head>
<body>
<form action="./foobar" method="post">
<input type="text"/>
<input type="submit"/>
</form>
</body>
</html>
EOM
};
好吧,我注意到沒有顯示“調試”面板,這意味着未加載Plack :: Middlewares :: Debug。 在“ 如何將Dancer與Plack中間件一起使用”的幫助下| PerlDancer出現日歷和Plack :: Middleware :: Debug :: Dancer :: Version我設法將其打開
session: PSGI
## Dancer::Session::PSGI
plack_middlewares:
-
- Session
-
- CSRFBlock
-
- Debug
## panels is an argument for Debug, as in
## enable 'Debug', panels => [ qw( Parameters Response Environment Session Timer Dancer::Logger Dancer::Settings Dancer::Version ) ];
- panels
-
- Parameters
- Response
- Environment
- Session
- Timer
- Dancer::Logger
- Dancer::Settings
- Dancer::Version
#Plack::Middleware::Debug::Dancer::Version
與Dancer webapp一起使用Plack :: Middleware :: DBIC :: QueryLog
[英]using Plack::Middleware::DBIC::QueryLog with Dancer webapp
你如何在 Twiggy 服務器上使用 Plack::Middleware::Session?
[英]How do you use Plack::Middleware::Session with a Twiggy server?
您如何在Starman Server上使用Plack :: Middleware :: Session?
[英]How do you use Plack::Middleware::Session with a Starman Server?
如何設置由Plack :: Middleware :: Session管理的cookie的到期時間?
[英]How to set the expiration time for a cookie managed by Plack::Middleware::Session?
將Plack應用程序與反向代理一起使用-Plack :: Middleware :: Debug
[英]Using Plack app with a reverse proxy - Plack::Middleware::Debug
與perl Dancer / plack / Starman和多個工作人員一起使用會話
[英]Using sessions with perl Dancer/plack/Starman and multiple workers
如何編寫在 HTTP 響應發送到客戶端后運行的 Plack 中間件?
[英]How do I write a Plack middleware that runs after the HTTP response is sent to the client?
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.