fixed: csrf token is const #437

merged 1 commit into from Dec 13, 2014


None yet
2 participants

cuongth commented Feb 9, 2014

Thanks for Nicolay Garanko's explanation, I can understand his implementation (boss_csrf_filter.erl) and can use it smoothly.
He also provides simple app to test boss_form and boss_csrf_filter:

I recognized that csrf_token doesn't change after refresh /public/login, even delete cookies.
The problem is random:uniform(64) returns constant.

danikp added a commit that referenced this pull request Dec 13, 2014

@danikp danikp merged commit b4fa995 into ChicagoBoss:master Dec 13, 2014

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment