[Haskell-cafe] Yesod CSRF token
fr33domlover
fr33domlover at riseup.net
Wed Feb 17 22:08:04 UTC 2016
On Wed, 17 Feb 2016 18:14:17 +0000
Geraldus <heraldhoi at gmail.com> wrote:
> Can you share your code?
>
> If you make your POST requests via forms make sure that you generation
> forms with Yesod functions, in this case it will insert hidden field with
> CSRF token to resulting form widget automatically. If you sending requests
> via XHR make sure to use `defaultCsrfMiddleware` from Yesod.Core.
>
> Hope this helps.
>
> ср, 17 февр. 2016 г. в 15:38, fr33domlover <fr33domlover at riseup.net>:
I'm using yesod-auth-hashdb. The default login form. And I'm using
defaultCsrfMiddleware, it's used by default in the scaffolding template.
--fr33
More information about the Haskell-Cafe
mailing list