BeforeUrlCheck: Difference between revisions

Latest revision as of 11:45, 5 September 2018

Hint: This features is available starting in version 4.0.0

When

This event is fired when a request is posted to LimeSurvey that needs to be tested for CSRF compatibility

Input

The event receives the following information:

Name	Type	Description
routes	array	The routes where CSRF check is disabled for
params	array	The parameters where the CSRF check is disabled for

Possible output

The default values in csrf disabled routes are:

- 'remotecontrol',
- 'plugins/unsecure'

Example

        $oEvent = $this->getEvent();
        $aParams = $oEvent->get('params');
        $aRoutes = $oEvent->get('routes');

        $aParams['unsaferequestparamkey'] = 'unsaferequestparamvalue' ;
        $aRoutes[] = 'admin/unsaferouteineed';

        $oEvent->set('params', $aParams);
        $oEvent->set('routes', $aRoutes);

Revision as of 11:47, 22 June 2018 (view source) Markusfluer (talk \| contribs) No edit summary ← Older edit		Latest revision as of 11:45, 5 September 2018 (view source) Markusfluer (talk \| contribs) No edit summary
Line 1:		Line 1:
	{{FeatureStarting\|3.0.0}}		{{FeatureStarting\|4.0.0}}

	'''When'''		'''When'''

BeforeUrlCheck: Difference between revisions

From LimeSurvey Manual

Latest revision as of 11:45, 5 September 2018