search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix broken secret-detection algorithm, making anonymous users vulnerable.
[csrf-magic.git] / js-test / mootools.php
blob4406dece9b729f462c377843bbe185ae5753edae
1 <?php require_once 'common.php'; ?>
2 <!DOCTYPE html
3 PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
4 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
5 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
6 <head>
7 <title>MooTools test page for csrf-magic</title>
8 <?php $loc = print_javascript('mootools',
9 // This link needs to be updated with new versions
10 'http://mootools.net/downloads/mootools-1.2-core-nc.js'
11 ) ?>
12 </head>
13 <body>
14 <h1>MooTools test page for csrf-magic</h1>
15 <p>Using <?php echo $loc ?></p>
16 <textarea id="js-output" cols="80" rows="4"></textarea>
17 <script type="text/javascript">
18 //<![CDATA[
19 var textarea = document.getElementById('js-output');
20 textarea.value = "MooTools " + MooTools.version + ":\n"
21 var callback = function (text) {
22 textarea.value += text;
23 }
24 var request = new Request(
25 {
26 url: 'mootools.php'
27 });
28 request.addEvent('onSuccess', callback);
29 request.send('ajax=yes&foo=bar');
30 //]]>
31 </script>
32 </body>
33 </html>
Wizard CSRF protection for PHP