mod_csrfprotector.c | |
Variables | |
Flag | |
csrfp_actions | |
Filter_Statae | |
Filter_Cookie_Length_State | |
csrfp_config | |
csrfp_opf_ctx | |
getRuleNode | |
Functions | |
csrfp_strncasestr | Similar to standard strstr() but case insensitive and with a length limitation (for a char buffer which is not 0 terminated). |
getCurrentUrl | Function to return current url |
generateToken | Function to generate a pseudo-random number to function as CSRFP_TOKEN |
setTokenCookie | Function to append new CSRFP_TOKEN to output header |
getCookieToken | Function to return the token value from cookie |
validateToken | Function to validate GET token, csrfp_token in GET query parameter |
getOutputContentType | Returns content type of output generated by content generator |
csrfp_get_rctx | Get or create (and init) the pre request context used by the output filter |
csrfp_inject | Injects a new bucket containing a reference to the javascript. |
logCSRFAttack | Function to log an attack |
failedValidationAction | Returns the appropriate status code, as per configuration, for the failed validation action |
needvalidation | Function to decide whether to validate the current request, depending upon the requested file, matched against the ignore pattern |
csrfp_sql_init | Function to initiate the sql process for code validation |
csrfp_sql_update_counter | Function to add / Update counter value for reseeding |
csrfp_sql_addn | Function to add / Update token value in the db |
csrfp_sql_table_clean | Function to clear expired tokens from db |
csrfp_header_parser | Callback function for header parser by Hook Registering function |
csrfp_out_filter | Filters output generated by content generator and modify content |
csrfp_insert_filter | Registers in filter -- csrfp_in_filter |
static const char *csrfp_strncasestr( const char * s1, const char * s2, int len )
Similar to standard strstr() but case insensitive and with a length limitation (for a char buffer which is not 0 terminated).
s1 | String to search in |
s2 | Pattern to find |
len | Length of s1 |
char* | pointer to the beginning of the substring s2 within s1, or NULL if the substring is not found |
static apr_bucket *csrfp_inject( request_rec * r, apr_bucket_brigade * bb, apr_bucket * b, csrfp_opf_ctx * rctx, const char * buf, apr_size_t sz, int flag )
Injects a new bucket containing a reference to the javascript.
r | request_rec object |
bb | bucket_brigade object |
b | Bucket to split and insert the new bucket at the position of the marker |
rctx | Request context containing the state of the parser |
buf | String representation of the bucket |
sz | Position to split the bucket and insert the new content |
flag | 0 - for <noscript> insertion, 1 for <script> insertion |
Bucket to continue searching (at the marker)
typedef enum {
    CSRFP_TRUE,
    CSRFP_FALSE // Added CSRFP_ prefix to prevent enum redeclaration error in OS X
} Flag
typedef enum { forbidden, strip, redirect, message, internal_server_error } csrfp_actions
typedef enum {
    nmodified, // States Cookie Length not modified
    modified   // States Cookie Length modified
} Filter_Cookie_Length_State
typedef struct getRuleNode { ap_regex_t *pattern; const char *patternString; struct getRuleNode *next; }
Similar to standard strstr() but case insensitive and with a length limitation (for a char buffer which is not 0 terminated).
static const char *csrfp_strncasestr( const char * s1, const char * s2, int len )
Function to return current url
static char* getCurrentUrl( request_rec * r )
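Function to generate a pseudo-random number to function as CSRFP_TOKEN. This page does not show the generator; because the protection rests on the token being unpredictable, the randomness source should be confirmed to be cryptographically secure.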
static char* generateToken( request_rec * r, int length )
Function to append new CSRFP_TOKEN to output header
static void setTokenCookie( request_rec * r, sqlite3 * db )
Function to return the token value from cookie
static char* getCookieToken( request_rec * r, char * key )
Function to validate GET token, csrfp_token in GET query parameter
static int validateToken( request_rec * r, sqlite3 * db )
Returns content type of output generated by content generator
static const char *getOutputContentType( request_rec * r )
Get or create (and init) the pre request context used by the output filter
static csrfp_opf_ctx *csrfp_get_rctx( request_rec * r )
Injects a new bucket containing a reference to the javascript.
static apr_bucket *csrfp_inject( request_rec * r, apr_bucket_brigade * bb, apr_bucket * b, csrfp_opf_ctx * rctx, const char * buf, apr_size_t sz, int flag )
Function to log an attack
static void logCSRFAttack( request_rec * r )
Returns the appropriate status code, as per configuration, for the failed validation action
static int failedValidationAction( request_rec * r )
Function to decide whether to validate the current request, depending upon the requested file, matched against the ignore pattern
static int needvalidation( request_rec * r )
Function to initiate the sql process for code validation
static sqlite3 *csrfp_sql_init( request_rec * r )
Function to add / Update counter value for reseeding
static int csrfp_sql_update_counter( request_rec * r, sqlite3 * db )
Function to add / Update token value in the db
static int csrfp_sql_addn( request_rec * r, sqlite3 * db, const char * sessid, const char * value )
Function to clear expired tokens from db
static void csrfp_sql_table_clean( request_rec * r, sqlite3 * db )
Callback function for header parser by Hook Registering function
static int csrfp_header_parser( request_rec * r )
Filters output generated by content generator and modify content
static apr_status_t csrfp_out_filter( ap_filter_t * f, apr_bucket_brigade * bb )
Registers in filter -- csrfp_in_filter
static void csrfp_insert_filter( request_rec * r )