Get or create (and init) the pre request context used by the output filter
static csrfp_opf_ctx *csrfp_get_rctx( request_rec * r )
Callback function for header parser by Hook Registering function
static int csrfp_header_parser( request_rec * r )
Injects a new bucket containing a reference to the javascript.
static apr_bucket *csrfp_inject( request_rec * r, apr_bucket_brigade * bb, apr_bucket * b, csrfp_opf_ctx * rctx, const char * buf, apr_size_t sz, int flag )
Registers in filter -- csrfp_in_filter
static void csrfp_insert_filter( request_rec * r )
Filters output generated by content generator and modify content
static apr_status_t csrfp_out_filter( ap_filter_t * f, apr_bucket_brigade * bb )
Function to add / Update token value in the db
static int csrfp_sql_addn( request_rec * r, sqlite3 * db, const char * sessid, const char * value )
Function to initiate the sql process for code validation
static sqlite3 *csrfp_sql_init( request_rec * r )
Function to clear expired tokens from db
static void csrfp_sql_table_clean( request_rec * r, sqlite3 * db )
Function to add / Update counter value for reseeding
static int csrfp_sql_update_counter( request_rec * r, sqlite3 * db )
Similar to standard strstr() but case insensitive and lenght limitation (char which is not 0 terminated).
static const char *csrfp_strncasestr( const char * s1, const char * s2, int len )
Returns appropriate status code, as per configuration For failed validation action
static int failedValidationAction( request_rec * r )
Function to generate a pseudo random no to function as CSRFP_TOKEN
static char* generateToken( request_rec * r, int length )
Function to return the token value from cookie
static char* getCookieToken( request_rec * r, char * key )
Function to retrun current url
static char* getCurrentUrl( request_rec * r )
Returns content type of output generated by content generator
static const char *getOutputContentType( request_rec * r )
Function to log an attack
static void logCSRFAttack( request_rec * r )
Function to decide weather to validate current request Depending upon requested file, matched against ignore pattern
static int needvalidation( request_rec * r )
Function to append new CSRFP_TOKEN to output header
static void setTokenCookie( request_rec * r, sqlite3 * db )
Function to validate GET token, csrfp_token in GET query parameter
static int validateToken( request_rec * r, sqlite3 * db )