Month: May 2023

  • CSRF token package

    Working on older projects (as I tend to do), I often get various requirements for security enhancements.

    A few days ago, somebody apparently ordered a security test of a site I was working on, so yesterday I got the report:
    3 HIGH security errors, one being that we had no CSRF tokens on the forms.

    gah…

    I started searching for a nice CSRF token package, but the cool ones from Symfony etc. used a lot of internal things, and this project I worked on didn’t really use a nice framework (it’s old – but upgraded through the years it’s been in service... no main framework though).

    So I got my hands dirty and created a new package to handle this 🙂

    The package is called jimmiw/csrf and is available on GitHub and Packagist.

    To install it, write:

    composer require jimmiw/csrf

    And you are good to go. Read the README.md file for more info about how to use the package.

    Please note that it’s already in version 2!… I guess I released it a bit fast yesterday and then today I changed the API…
    Anyways, the unit test proves that it works 🙂