[Haskell-cafe] Yesod CSRF token

fr33domlover fr33domlover at riseup.net
Wed Feb 17 22:08:04 UTC 2016


On Wed, 17 Feb 2016 18:14:17 +0000
Geraldus <heraldhoi at gmail.com> wrote:

> Can you share your code?
> 
> If you make your POST requests via forms make sure that you generation
> forms with Yesod functions, in this case it will insert hidden field with
> CSRF token to resulting form widget automatically.  If you sending requests
> via XHR make sure to use `defaultCsrfMiddleware` from Yesod.Core.
> 
> Hope this helps.
> 
> ср, 17 февр. 2016 г. в 15:38, fr33domlover <fr33domlover at riseup.net>:

I'm using yesod-auth-hashdb. The default login form. And I'm using
defaultCsrfMiddleware, it's used by default in the scaffolding template.

--fr33


More information about the Haskell-Cafe mailing list