1HTML::FormHandler::FielUds:e:rReCqounetsrtiTboukteendH(T3PM)eLr:l:FDoorcmuHmaenndtlaetri:o:nField::RequestToken(3)
2
3
4
6 HTML::FormHandler::Field::RequestToken
7
9 version 0.40068
10
12 with 'HTML::FormHandler::Field::Role::RequestToken';
13 ...
14 has_field '_token' => (
15 type => 'RequestToken',
16 );
17
19 This field is for preventing CSRF attacks. It contains an encrypted
20 token containing an expiration time for the form. No data needs to be
21 persisted in the user's session or on the server.
22
24 HTML::FormHandler::Field::RequestToken - Hidden text field which
25 contains a unique time-stamped token
26
28 expiration_time
29 Length of time (in seconds) that token will be accepted as valid from
30 the time it is initially generated. Defaults to 3600.
31
32 token_prefix
33 An optional string to prepend to the token value before encrypting it.
34 If specified, any received tokens must begin with this value to be
35 accepted as valid. Defaults to an empty string.
36
37 Passed on form process. "$c->sessionid . '|'"
38
39 crypto_key
40 Key to use to encrypt/decrypt the token payload.
41
42 crypto_cipher_type
43 The "Crypt::CBC" cipher to use to encrypt/decrypt the token payload.
44 Defaults to "Blowfish".
45
46 message
47 Error message if token is missing/invalid.
48
49 cipher
50 A "Crypt::CBC" object to handle encrypting/decrypting the token
51 payload. If not specified, "crypto_key" and "crypto_cipher_type" will
52 be used to construct one.
53
54 verify_token
55 Validates whether the specified token is currently valid for this form.
56
57 get_token
58 Generates a new token and returns it.
59
61 FormHandler Contributors - see HTML::FormHandler
62
64 This software is copyright (c) 2017 by Gerda Shank.
65
66 This is free software; you can redistribute it and/or modify it under
67 the same terms as the Perl 5 programming language system itself.
68
69
70
71perl v5.32.0 2020H-T0M7L-:2:8FormHandler::Field::RequestToken(3)