UNPKG

sfcc-dev-mcp

Version:

MCP server for Salesforce B2C Commerce Cloud development assistance including logs, debugging, and development tools

github.com/taurgis/sfcc-dev-mcp

taurgis/sfcc-dev-mcp

83 lines (43 loc) 2.13 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
## Package: dw.web # Class CSRFProtection ## Inheritance Hierarchy - Object - dw.web.CSRFProtection ## Description Used to generate and validate CSRF tokens. CSRFProtection allows applications to protect themselves against CSRF attacks, using synchronizer tokens, a best practice. Once created, these tokens are tied to a user’s session and valid for 60 minutes. Usage: Adding CSRF token to forms: //CSRF token generation <form ... action=""> <input name="foo" value="bar"> <input name="${dw.web.CSRFProtection.getTokenName()}" value="${dw.web.CSRFProtection.generateToken()"> </form> Then, in scripts call: dw.web.CSRFProtection.validateRequest(); ## Properties ### tokenName **Type:** String (Read Only) The system generated CSRF token name. Currently, this name is not user configurable. Must be used for validateRequest() to work ## Constructor Summary ## Method Summary ### generateToken **Signature:** `static generateToken() : String` Constructs a new unique CSRF token for this session. ### getTokenName **Signature:** `static getTokenName() : String` Returns the system generated CSRF token name. ### validateRequest **Signature:** `static validateRequest() : boolean` Verifies that a client request contains a valid CSRF token, and that the token has not expired. ## Method Detail ## Method Details ### generateToken **Signature:** `static generateToken() : String` **Description:** Constructs a new unique CSRF token for this session. **Returns:** a new CSRF token --- ### getTokenName **Signature:** `static getTokenName() : String` **Description:** Returns the system generated CSRF token name. Currently, this name is not user configurable. Must be used for validateRequest() to work **Returns:** System-generated CSRF token parameter name --- ### validateRequest **Signature:** `static validateRequest() : boolean` **Description:** Verifies that a client request contains a valid CSRF token, and that the token has not expired. Returns true if these conditions are met, and false otherwise **Returns:** true if request contains a valid CSRF token, false otherwise ---