Fix broken secret-detection algorithm, making anonymous users vulnerable.
[csrf-magic.git] / js-test / dojo.php
bloba8179134b74fa55bf96734380bf94cb3c637796d
1 <?php require_once 'common.php'; ?>
2 <!DOCTYPE html
3 PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
4 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
5 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
6 <head>
7 <title>Dojo test page for csrf-magic</title>
8 <?php $loc = print_javascript('dojo/dojo/dojo.js.uncompressed',
9 'http://dojotoolkit.org/sites/all/modules/dojo/dtk_build/dojo/dojo.js.uncompressed.js'
10 ) ?>
11 </head>
12 <body>
13 <h1>Dojo test page for csrf-magic</h1>
14 <p>Using <?php echo $loc ?></p>
15 <textarea id="js-output" cols="80" rows="4"></textarea>
16 <script type="text/javascript">
17 //<![CDATA[
18 var textarea = document.getElementById('js-output');
19 textarea.value = "Dojo " + dojo.version + ":\n"
20 var callback = function (text) {
21 textarea.value += text;
23 dojo.xhrPost({
24 url: "dojo.php",
25 load: callback,
26 content: {ajax: 'yes', foo: 'bar'}
27 });
28 //]]>
29 </script>
30 </body>
31 </html>