Fix broken secret-detection algorithm, making anonymous users vulnerable.
[csrf-magic.git] / js-test / ext.php
blobde9dc71a74627d38c489ef3a5e0e74e310b6aff6
1 <?php require_once 'common.php'; ?>
2 <!DOCTYPE html
3 PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN
4 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
5 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
6 <head>
7 <title>Ext test page for csrf-magic</title>
8 <?php
9 $locs = array();
10 $locs[] = print_javascript('ext/source/adapter/ext-base', 'http://extjs.com/deploy/dev/adapter/ext/ext-base.js');
11 $locs[] = print_javascript('ext/ext-core', 'http://extjs.com/deploy/dev/ext-core.js');
13 </head>
14 <body>
15 <h1>Ext test page for csrf-magic</h1>
16 <p>Using <?php echo implode(', ', $locs); ?></p>
17 <textarea id="js-output" cols="80" rows="4"></textarea>
18 <script type="text/javascript">
19 //<![CDATA[
20 var textarea = document.getElementById('js-output');
21 textarea.value = "Ext (no version available)\n";
22 var callback = function (transport) {
23 textarea.value += transport.responseText;
25 Ext.Ajax.request({
26 url: 'ext.php',
27 success: callback,
28 params: { ajax: 'yes', foo: 'bar' }
29 });
30 //]]>
31 </script>
32 </body>
33 </html>