Skip to content

HTMLDocumentProtector returns token once generated
Compare
Choose a tag to compare
@g105b g105b released this 06 May 17:51
· 31 commits to master since this release
v1.7.0
f98b9eb
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

This library doesn't get many releases because of it's simplicity, but today we're releasing a simple change as an improvement that WebEngine will take advantage of straight away.

The protectAndInject function of the HTMLDocumentProtector now returns the token it generates, which will be used to send the token as a response header in the WebEngine's dispatcher.

The purpose of this change is simply to make client-side development slightly easier when dealing with CSRF tokens, specifically when making POST requests, such as when uploading a file using the browser's fetch API.

Assets 2
Loading