About CSRF and variable passing to template files


İbrahim Yılmaz

Dec 10, 2014, 10:57:11 AM
to chica...@googlegroups.com
Hi guys!

I've two problems with my simple application.

I've read the documents twice, but had no luck using boss_csrf_filter and passing variables to templates.

First, I've done the configuration for using the CSRF filter in the boss.config file as follows:

```
    {controller_filter_config, [boss_csrf_filter]},

    {session_adapter, mock},
    {session_key, "_myapp_session"},
    {session_exp_time, 525600},
    {session_cookie_http_only, false},
    {session_cookie_secure, false},
    {session_domain, ".myappdomain.com"},
```


Then I've added the variable to the template (which is under src/view/world/hello.html):

```
<div class="row">
  <div class="12u">
    <textarea name="message" id="message" placeholder="placeholder" required></textarea>
    {{ csrf_token }}
  </div>
</div>
```


Everything seems fine, but no hidden input element is appearing. Should I check/configure anything else?

The second problem with my app is passing variables to templates. My controller is something like the following code:

```
-module(myapp_world_controller, [Req]).
-compile(export_all).

hello('GET', []) ->
    {ok, [{world}]}.

postcontact('POST', []) ->
    {redirect, "/", [{contactformsend, "ok"}]}.
```


The code is redirecting without any value. So the following code is not working (in the same template file I've mentioned above):

```
{% if contactformsend %}
<script>
    alert("Hi there is!");
</script>
{% endif %}
```

What am I doing wrong? How can I fix the problems?

Cheers,

Ibrahim.

İbrahim Yılmaz

Dec 11, 2014, 5:11:21 AM
to chica...@googlegroups.com
Hi guys!

Mystery solved.

I'd copied an old project directory and renamed it, and that caused the problem.

I've created a new project via the "make" file, and then the problem was solved. :)

BTW I'm still looking for an example to use CSRF validation in form posts.

Cheers!

Nick Garanko

Dec 11, 2014, 8:57:39 AM
to chica...@googlegroups.com
Hey,

Here's my example app:


This app makes use of my boss_form package, which is very alpha and not developed that much.
But it should help with understanding how to use csrf_tokens.

As for your initial issue:
you're not passing context in the `hello` function; it should be something like:

```
 hello('GET', [], Context) ->
    {ok, [{world} | Context]}.
```

-Nick
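
Added example (not part of the thread, and not Chicago Boss or boss_form code): a small Python model of the flow discussed above, in which a filter puts a per-session `csrf_token` hidden field into the context, the GET action must pass that context on to the template, and the POST action rejects a form without a matching token. All function names, the in-memory session store and the `/world/postcontact` path are assumptions made for this illustration.

```python
import hmac
import secrets
from html import escape

SESSIONS = {}  # constructed in-memory session store: session id -> CSRF token


def csrf_context(session_id):
    """Filter step: create or reuse the session's token and expose it to the view."""
    token = SESSIONS.setdefault(session_id, secrets.token_urlsafe(32))
    field = '<input type="hidden" name="csrf_token" value="%s">' % escape(token)
    return {"csrf_token": field}


def hello(context, pass_context=True):
    """GET action: returns template variables; dropping `context` loses the token."""
    variables = {"world": True}
    if pass_context:
        variables.update(context)
    return variables


def render_form(variables):
    """Template step: an undefined variable renders as an empty string."""
    return ('<form method="post" action="/world/postcontact">'
            '<textarea name="message"></textarea>%s</form>'
            % variables.get("csrf_token", ""))


def csrf_valid(session_id, form):
    """POST check: the submitted token must equal the session's token."""
    expected = SESSIONS.get(session_id)
    submitted = form.get("csrf_token", "")
    if not expected or not submitted:
        return False
    # Constant-time comparison avoids leaking how many characters matched.
    return hmac.compare_digest(expected.encode(), submitted.encode())


def postcontact(session_id, form):
    """POST action: refuse the request before any side effect if the check fails."""
    if not csrf_valid(session_id, form):
        return 403, "invalid or missing CSRF token"
    return 302, "/"
```

Rendering with `pass_context=False` reproduces the symptom from the first message: the form comes out without the hidden field, so a later POST from it is rejected.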