Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add by-default CSRF-protection to writeJSON #3

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Add by-default CSRF-protection to writeJSON #3

wants to merge 1 commit into from

Conversation

alexanderkjeldaas
Copy link

Added two extra functions, writeJSONWrapped, and writeJSONUnprotected.
The original writeJSON is renamed to writeJSONUnprotected
writeJSON prefixes with ")]}',\n" which is stripped away by AngularJS
by default.
writeJSONWrapped can wrap with a specific wrapper

@alexanderkjeldaas
Copy link
Author

Actually the commit also includes a writeJSONP function which writes JSONP (content type application/javascript instead of json, and a callback wrapping the json).

@alexanderkjeldaas
Add CSRF-protection to writeJSON by default
9b45c5d 
- Renamed writeJSON to writeJSONUnprotected for unprotected JSON.
- writeJSON now prefixes the JSON with ")]}',\n" which is
  stripped away by AngularJS by default.
  Documented how to achieve the same with a jQuery front-end.
- Added new function writeJSONWrapped with configurable wrapping.
- Added new function writeJSONP for JSONP output.
@ibotty
Copy link

ibotty commented Feb 12, 2014

i'd like to see this in snap-extras as well. any objections?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@alexanderkjeldaas @ibotty