!C99Shell v. 2.5 [PHP 8 Update] [24.05.2025]!

Software: Apache/2.4.41 (Ubuntu). PHP/8.0.30 

uname -a: Linux apirnd 5.4.0-204-generic #224-Ubuntu SMP Thu Dec 5 13:38:28 UTC 2024 x86_64 

uid=33(www-data) gid=33(www-data) groups=33(www-data) 

Safe-mode: OFF (not secure)

/usr/local/lib/node_modules/strapi/node_modules/koa-lusca/lib/   drwxr-xr-x
Free 13.09 GB of 57.97 GB (22.58%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Self remove    Logout    


Viewing file:     csrf.js (3.22 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
/**!
 * koa-lusca - lib/csrf.js
 *
 * Copyright(c) 2014 - 2015 fengmk2 and other contributors.
 * MIT Licensed
 *
 * Authors:
 *   fengmk2 <fengmk2@gmail.com> (http://fengmk2.github.com)
 */

/*───────────────────────────────────────────────────────────────────────────*\
│  Copyright (C) 2014 eBay Software Foundation                                │
│                                                                             │
│hh ,'""`.                                                                    │
│  / _  _ \  Licensed under the Apache License, Version 2.0 (the "License");  │
│  |(@)(@)|  you may not use this file except in compliance with the License. │
│  )  __  (  You may obtain a copy of the License at                          │
│ /,'))((`.\                                                                  │
│(( ((  )) ))    http://www.apache.org/licenses/LICENSE-2.0                   │
│ `\ `)(' /'                                                                  │
│                                                                             │
│   Unless required by applicable law or agreed to in writing, software       │
│   distributed under the License is distributed on an "AS IS" BASIS,         │
│   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  │
│   See the License for the specific language governing permissions and       │
│   limitations under the License.                                            │
\*───────────────────────────────────────────────────────────────────────────*/

'use strict';

var token = require('./token');

/**
 * CSRF
 * https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)
 * @param {Object} options
 *  - key {String} The name of the CSRF token in the model. Default "_csrf".
 *  - impl {Object} An object with create/validate methods for custom tokens. Optional.
 *  - header {String} The name of the response header containing the CSRF token. Default "x-csrf-token".
 *  - secret {String} The session key name of secret. Default "_csrfSecret"
 */
module.exports = function (options) {
  options = options || {};
  var key = options.key || '_csrf';
  var impl = options.impl || token;
  var header = options.header || 'x-csrf-token';
  var secret = options.secret || '_csrfSecret';

  return function* csrf(next) {
    //call impl
    var _impl = impl.create(this, secret);
    var validate = impl.validate || _impl.validate;
    var _token = _impl.token || _impl;
    // Set the token
    this.state[key] = _token;

    // Move along for safe verbs
    var method = this.method;
    if (method === 'GET' || method === 'HEAD' || method === 'OPTIONS') {
      return yield* next;
    }

    // Validate token
    _token = (this.request.body && this.request.body[key]) || this.get(header);

    if (validate(this, _token)) {
      yield* next;
    } else {
      this.throw(403, new Error('CSRF token mismatch'));
    }
  };
};

:: Command execute ::

Enter:
 
Select:
 

:: Search ::
  - regexp 
:: Upload ::
 
[ Read-Only ]

:: Make Dir ::
 
[ Read-Only ]
:: Make File ::
 
[ Read-Only ]

:: Go Dir ::
 
:: Go File ::
 

--[ c99shell v. 2.5 [PHP 8 Update] [24.05.2025] | Generation time: 0.0058 ]--