get csrf token in request; Test for prefix 'http-' in csrf token header

2026-06-14 09:43:42 +03:00 · 2021-03-21 11:40:37 +01:00
parent e78040aabd
commit 05e5461acb
2 changed files with 10 additions and 1 deletions
--- a/src/Pecee/Http/Middleware/BaseCsrfVerifier.php
+++ b/src/Pecee/Http/Middleware/BaseCsrfVerifier.php
@@ -68,7 +68,7 @@ class BaseCsrfVerifier implements IMiddleware

            $token = $request->getInputHandler()->value(
                static::POST_KEY,
-                $request->getHeader(static::HEADER_KEY),
+                $request->getHeader(static::HEADER_KEY) ?? $request->getHeader('HTTP-' . static::HEADER_KEY),
                'post'
            );