|
Play Framework/Scala example source code file (CSRF.scala)
The CSRF.scala Play Framework example source code/* * Copyright (C) 2009-2013 Typesafe Inc. <http://www.typesafe.com> */ package views.html.helper import play.api.mvc._ import play.twirl.api.{ Html, HtmlFormat } /** * CSRF helper for Play calls */ object CSRF { /** * Add the CSRF token as a query String parameter to this reverse router request */ def apply(call: Call)(implicit token: play.filters.csrf.CSRF.Token): Call = { new Call( call.method, call.url + { if (call.url.contains("?")) "&" else "?" } + play.filters.csrf.CSRF.TokenName + "=" + token.value ) } /** * Render a CSRF form field token */ def formField(implicit token: play.filters.csrf.CSRF.Token): Html = { // probably not possible for an attacker to XSS with a CSRF token, but just to be on the safe side... Html(s"""<input type="hidden" name="${play.filters.csrf.CSRF.TokenName}" value="${HtmlFormat.escape(token.value)}"/>""") } } Other Play Framework source code examplesHere is a short list of links related to this Play Framework CSRF.scala source code file: |
... this post is sponsored by my books ... | |
#1 New Release! |
FP Best Seller |
Copyright 1998-2021 Alvin Alexander, alvinalexander.com
All Rights Reserved.
A percentage of advertising revenue from
pages under the /java/jwarehouse
URI on this website is
paid back to open source projects.