Permalink
Browse files

Extra CSRF debug logging #756

  • Loading branch information...
1 parent ad69ea3 commit 2dfa92837c1fc36003bdb81dfb652efed27fbbf1 @rjmackay rjmackay committed Sep 12, 2012
Showing with 2 additions and 0 deletions.
  1. +1 −0 application/libraries/Validation.php
  2. +1 −0 modules/csrf/helpers/csrf.php
View
1 application/libraries/Validation.php
@@ -423,6 +423,7 @@ public function validate($validate_csrf = TRUE)
if ( ! csrf::valid($form_auth_token))
{
Kohana::log('debug', 'Invalid CSRF token: '.$form_auth_token);
+ Kohana::log('debug', 'Actual CSRF token: '.csrf::token());
// Flag CSRF validation as having failed
$this->csrf_validation_failed = TRUE;
View
1 modules/csrf/helpers/csrf.php
@@ -37,6 +37,7 @@ public static function token($replace = FALSE)
// Generates a hash of variable length random alpha-numeric string
$token = hash('sha256', text::random('alnum', rand(25, 32)));
Session::instance()->set('csrf-token', $token);
+ Kohana::log('debug', 'Regenerated CSRF token: '.$token);
}
return $token;

0 comments on commit 2dfa928

Please sign in to comment.