next-csrf
Version:
CSRF mitigation library for Next.js
1 lines • 5.51 kB
JSON
{"ast":null,"code":"var _jsxFileName = \"/home/jolvera/proj/next-csrf/example/pages/index.js\";\nimport React from \"react\";\nvar __jsx = React.createElement;\nimport styles from \"../styles/Home.module.css\";\nexport default function Home() {\n return __jsx(React.Fragment, null, __jsx(\"p\", {\n className: styles.description,\n __self: this,\n __source: {\n fileName: _jsxFileName,\n lineNumber: 6,\n columnNumber: 7\n }\n }, \"Get started by editing\", \" \", __jsx(\"code\", {\n className: styles.code,\n __self: this,\n __source: {\n fileName: _jsxFileName,\n lineNumber: 8,\n columnNumber: 9\n }\n }, \"pages/index.js\")), __jsx(\"div\", {\n __self: this,\n __source: {\n fileName: _jsxFileName,\n lineNumber: 11,\n columnNumber: 7\n }\n }, __jsx(\"div\", {\n className: styles.card,\n __self: this,\n __source: {\n fileName: _jsxFileName,\n lineNumber: 12,\n columnNumber: 9\n }\n }, __jsx(\"h3\", {\n __self: this,\n __source: {\n fileName: _jsxFileName,\n lineNumber: 13,\n columnNumber: 11\n }\n }, \"Send a request with a valid CSRF token\"), __jsx(\"p\", {\n __self: this,\n __source: {\n fileName: _jsxFileName,\n lineNumber: 15,\n columnNumber: 11\n }\n }, \"Open the Web Console and click in the button below to see how a valid request works.\")), __jsx(\"div\", {\n className: styles.card,\n __self: this,\n __source: {\n fileName: _jsxFileName,\n lineNumber: 29,\n columnNumber: 9\n }\n }, __jsx(\"h3\", {\n __self: this,\n __source: {\n fileName: _jsxFileName,\n lineNumber: 30,\n columnNumber: 11\n }\n }, \"Send a request without the CSRF token\"), __jsx(\"p\", {\n __self: this,\n __source: {\n fileName: _jsxFileName,\n lineNumber: 32,\n columnNumber: 11\n }\n }, \"Because any request we send from the browser will have a cookie with the token attached, try to send a request from a terminal and see what happens with a missing or an invalid CSRF token.\"), __jsx(\"pre\", {\n __self: this,\n __source: {\n fileName: _jsxFileName,\n lineNumber: 38,\n columnNumber: 11\n }\n }, __jsx(\"code\", {\n className: styles.code,\n __self: this,\n __source: {\n fileName: _jsxFileName,\n lineNumber: 39,\n columnNumber: 13\n }\n }, \"$ curl -X POST http://localhost:3000/api/protected\")), __jsx(\"pre\", {\n __self: this,\n __source: {\n fileName: _jsxFileName,\n lineNumber: 44,\n columnNumber: 11\n }\n }, __jsx(\"code\", {\n className: styles.code,\n __self: this,\n __source: {\n fileName: _jsxFileName,\n lineNumber: 45,\n columnNumber: 13\n }\n }, `>> {\"message\": \"Invalid CSRF token\"}`)))));\n}","map":{"version":3,"sources":["/home/jolvera/proj/next-csrf/example/pages/index.js"],"names":["styles","Home","description","code","card"],"mappings":";;;AAAA,OAAOA,MAAP,MAAmB,2BAAnB;AAEA,eAAe,SAASC,IAAT,GAAgB;AAC7B,SACE,4BACE;AAAG,IAAA,SAAS,EAAED,MAAM,CAACE,WAArB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,+BACyB,GADzB,EAEE;AAAM,IAAA,SAAS,EAAEF,MAAM,CAACG,IAAxB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,sBAFF,CADF,EAME;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,KACE;AAAK,IAAA,SAAS,EAAEH,MAAM,CAACI,IAAvB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,KACE;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,8CADF,EAGE;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,4FAHF,CADF,EAkBE;AAAK,IAAA,SAAS,EAAEJ,MAAM,CAACI,IAAvB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,KACE;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,6CADF,EAGE;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,oMAHF,EASE;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,KACE;AAAM,IAAA,SAAS,EAAEJ,MAAM,CAACG,IAAxB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,0DADF,CATF,EAeE;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,KACE;AAAM,IAAA,SAAS,EAAEH,MAAM,CAACG,IAAxB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,KACI,sCADJ,CADF,CAfF,CAlBF,CANF,CADF;AAiDD","sourcesContent":["import styles from \"../styles/Home.module.css\";\n\nexport default function Home() {\n return (\n <>\n <p className={styles.description}>\n Get started by editing{\" \"}\n <code className={styles.code}>pages/index.js</code>\n </p>\n\n <div>\n <div className={styles.card}>\n <h3>Send a request with a valid CSRF token</h3>\n\n <p>\n Open the Web Console and click in the button below to see how a\n valid request works.\n </p>\n\n {/*<button*/}\n {/* id=\"with-csrf\"*/}\n {/* className={styles.button}*/}\n {/* onClick={requestWithToken}*/}\n {/*>*/}\n {/* With CSRF token*/}\n {/*</button>*/}\n </div>\n\n <div className={styles.card}>\n <h3>Send a request without the CSRF token</h3>\n\n <p>\n Because any request we send from the browser will have a cookie with\n the token attached, try to send a request from a terminal and see\n what happens with a missing or an invalid CSRF token.\n </p>\n\n <pre>\n <code className={styles.code}>\n $ curl -X POST http://localhost:3000/api/protected\n </code>\n </pre>\n\n <pre>\n <code className={styles.code}>\n {`>> {\"message\": \"Invalid CSRF token\"}`}\n </code>\n </pre>\n </div>\n </div>\n </>\n );\n}\n"]},"metadata":{},"sourceType":"module"}