greggy/landingpage-haus-schleusingen
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

Fix #42: CSRF-Schutz für Kontaktformular #50

Merged
greggy merged 1 commits from feature/issue-42-csrf-protection into main 2026-05-22 08:33:41 +02:00
Conversation 0 Commits 1 Files Changed 2 +14

1 Commits

Author SHA1 Message Date
Claw (KI-Assistent)
a919a392cc fix(security): add CSRF protection to contact form (#42)
All checks were successful
Deploy Feature Branch to Test / deploy (push) Successful in 25s
Details
Lint / PHP Syntax Check (push) Successful in 32s
Details
Lint / CSS Lint (stylelint) (push) Successful in 1m13s
Details
Lint / HTML Lint (htmlhint) (push) Successful in 1m9s
Details
Lint / PHP Syntax Check (pull_request) Successful in 32s
Details
Lint / CSS Lint (stylelint) (pull_request) Successful in 1m16s
Details
Lint / HTML Lint (htmlhint) (pull_request) Successful in 1m7s
Details 
- Generate CSRF token (32 bytes) on GET requests
- Add hidden csrf_token field to contact form
- Validate token with hash_equals() (timing-safe) on POST
- Reject invalid/missing tokens with user-friendly error

Fix #42
 2026-05-21 23:05:51 +00:00