logo
Free, unlimited AI code reviews that run on commit
git-lrc git-lrc GitHub Install Now We'd appreciate a star git-lrc - Free, unlimited AI code reviews that run on commit | Product Hunt git-lrc - Free, unlimited AI code reviews that run on commit | Product Hunt

HTML::FormHandler::Field::RequestToken - Hidden text field which contains a unique time-stamped token

Attributes

expiration_time
       Length of time (in seconds) that token will be accepted as valid from the time it is initially generated.
       Defaults to 3600.

   token_prefix
       An optional string to prepend to the token value before encrypting it.  If specified, any received tokens
       must begin with this value to be accepted as valid.  Defaults to an empty string.

       Passed on form process. "$c->sessionid . '|'"

   crypto_key
       Key to use to encrypt/decrypt the token payload.

   crypto_cipher_type
       The "Crypt::CBC" cipher to use to encrypt/decrypt the token payload.  Defaults to "Blowfish".

   message
       Error message if token is missing/invalid.

   cipher
       A "Crypt::CBC" object to handle encrypting/decrypting the token payload.  If not specified, "crypto_key"
       and "crypto_cipher_type" will be used to construct one.

   verify_token
       Validates whether the specified token is currently valid for this form.

   get_token
       Generates a new token and returns it.

Author

       FormHandler Contributors - see HTML::FormHandler

Description

       This field is for preventing CSRF attacks.  It contains an encrypted token containing an expiration time
       for the form.  No data needs to be persisted in the user's session or on the server.

Name

       HTML::FormHandler::Field::RequestToken - Hidden text field which contains a unique time-stamped token

Synopsis

           with 'HTML::FormHandler::Field::Role::RequestToken';
           ...
           has_field '_token' => (
               type => 'RequestToken',
           );

Version

       version 0.40068

See Also