BeforeUrlCheck
From LimeSurvey Manual
When
This event is fired when a request is posted to LimeSurvey that needs to be tested for CSRF compatibility
Input
The event receives the following information:
Name | Type | Description |
---|---|---|
routes | array | The routes where CSRF check is disabled for |
params | array | The parameters where the CSRF check is disabled for |
Possible output
The default values in csrf disabled routes are:
- 'remotecontrol', - 'plugins/unsecure'
Example
$oEvent = $this->getEvent();
$aParams = $oEvent->get('params');
$aRoutes = $oEvent->get('routes');
$aParams['unsaferequestparamkey'] = 'unsaferequestparamvalue' ;
$aRoutes[] = 'admin/unsaferouteineed';
$oEvent->set('params', $aParams);
$oEvent->set('routes', $aRoutes);