Jump to content
PHP論壇人

防御CSRF攻击


Recommended Posts

IPS论坛有防御CSRF攻击

防止跨站点请求伪造 CSRF

Protecting Against Cross Site Request Forgeries
https://invisioncommunity.com/developers/docs/general/security-considerations-r188/

 

写在代码,例如

\IPS\Http\Url::internal( "app=myapp&module=mymodule&controller=mycontroller&do=myaction" )->csrf()

\IPS\Session::i()->csrfCheck();

 


部份写在语言包,例如

internal.app=core&module=settings&controller=posting&do=rebuildUrlRels.csrf

internal.app=core&module=promotion&controller=promote&do=reschedule.csrf

internal.app=core&module=settings&controller=licensekey&do=refresh.csrf

 

Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...