v0.9.0 now supports
multipart/form data, meaning you can easily use the
<csrf-form></csrf-form> component for forms that contain file uploads.
<csrf-form method="post" action="/upload" enctype="multipart/form-data"> <input type="file" name="file" /> </csrf-form>
<form action="/si-novi/christopher-dee/media/upload" method="post" enctype="multipart/form-data"> <input type="hidden" name="csrf" value="540c460e-946e-4c78-8c8d-63c4cd091ee9"> <!-- auto-generated hidden input with the unique csrf token for this request (use with verifyCsrfToken on your post handler) --> <input type="file" name="file"> </form>
Additionally, I've also improved the html generation for the component so you can now include all the following optional attributes and they'll pass-through into your HTML
enctype target acceptCharset autocomplete id novalidate rel
Of course you can still use the standaone
<csrf-input></csrf-input> if you'd prefer to use a standard form tag.
Any feedback on your usage of this plugin, bugs, or suggestions for improvements please get in touch on GitHub. I'd love to hear from you.
- GitHub: https://github.com/hicksy/enhance-csrf
- NPM: https://www.npmjs.com/package/@hicksy/enhance-csrf