Jakach/jakach-login
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

adding enhanced csrf protection
Deploy / deploy (push) Successful in 33s
Details

Browse Source
This commit is contained in:
janis steiner
2026-05-06 09:07:48 +02:00
parent 7ae7df0a11
commit d82a08f77b
25 changed files with 132 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app-code/login/passkey.php
+4
View File
@@ -10,6 +10,7 @@ secure_session_start();
<title>Jakach Login</title>
<?php
include "../assets/components.php";
print_csrf_script();
?>
</head>
<body>
@@ -106,6 +107,9 @@ async function checkRegistration() {
// send to server
rep = await window.fetch('/api/login/check_passkey.php?fn=processGet' + getGetParams(), {
method:'POST',
headers: {
'X-CSRF-Token': window.csrfToken
},
body: JSON.stringify(authenticatorAttestationResponse),
cache:'no-cache'
});