Inspection of "csrf improvments" - eliareutlinger/minska-api - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( 0c3d52...16e6d7 )

by Elia

created 2019-02-14 10:24 UTC

Status

Spacing +1 added lines, -1 removed lines patch added patch discarded remove patch

@@ -4,5 +4,5 @@
 block discarded – undo
 include_once '../../_config/core.php';
 
 
-setcookie("token", false, time()-1000, "/", "localhost", 0, 1);
+setcookie("token", false, time() - 1000, "/", "localhost", 0, 1);
 returnSuccess($jwt);

Please login to merge, or discard this patch.

_config/headers.php 1 patch

Spacing +1 added lines, -1 removed lines patch added patch discarded remove patch

@@ -1,7 +1,7 @@
 block discarded – undo
 <?php
 
 $http_origin = $_SERVER['HTTP_ORIGIN'];
-if ($http_origin == "http://localhost:8080" || $http_origin == "https://minska.eliareutlinger.ch"){
+if ($http_origin == "http://localhost:8080" || $http_origin == "https://minska.eliareutlinger.ch") {
     header("Access-Control-Allow-Origin: $http_origin");
 }
 

Please login to merge, or discard this patch.

user/login/index.php 1 patch

Spacing +1 added lines, -1 removed lines patch added patch discarded remove patch

@@ -47,7 +47,7 @@
 block discarded – undo
 
     try {
         setcookie("secureToken", $jwt, $token_conf['expireAt'], "/; samesite=strict", "", isset($_SERVER['https']), 1);
-        setcookie("appToken", $jwt, time()+10, "/; samesite=strict", "", isset($_SERVER['https']), 0);
+        setcookie("appToken", $jwt, time() + 10, "/; samesite=strict", "", isset($_SERVER['https']), 0);
     } catch (Exception $e) {
         returnError();
     }

Please login to merge, or discard this patch.

_config/core.php 1 patch

Spacing +1 added lines, -1 removed lines patch added patch discarded remove patch

@@ -19,7 +19,7 @@
 block discarded – undo
 
         list($type, $data) = explode(" ", getallheaders()['Authorization'], 2);
         if (strcasecmp($type, "Bearer") == 0) {
-            if($_COOKIE["appToken"] === $data){
+            if ($_COOKIE["appToken"] === $data) {
                 return $_COOKIE["appToken"];
             }
         }

Please login to merge, or discard this patch.

		@@ -4,5 +4,5 @@
		block discarded – undo
4	4	include_once '../../_config/core.php';
5	5
6	6
7		-setcookie("token", false, time()-1000, "/", "localhost", 0, 1);
	7	+setcookie("token", false, time() - 1000, "/", "localhost", 0, 1);
8	8	returnSuccess($jwt);

		@@ -1,7 +1,7 @@
		block discarded – undo
1	1	<?php
2	2
3	3	$http_origin = $_SERVER['HTTP_ORIGIN'];
4		-if ($http_origin == "http://localhost:8080" \|\| $http_origin == "https://minska.eliareutlinger.ch"){
	4	+if ($http_origin == "http://localhost:8080" \|\| $http_origin == "https://minska.eliareutlinger.ch") {
5	5	header("Access-Control-Allow-Origin: $http_origin");
6	6	}
7	7

		@@ -47,7 +47,7 @@
		block discarded – undo
47	47
48	48	try {
49	49	setcookie("secureToken", $jwt, $token_conf['expireAt'], "/; samesite=strict", "", isset($_SERVER['https']), 1);
50		- setcookie("appToken", $jwt, time()+10, "/; samesite=strict", "", isset($_SERVER['https']), 0);
	50	+ setcookie("appToken", $jwt, time() + 10, "/; samesite=strict", "", isset($_SERVER['https']), 0);
51	51	} catch (Exception $e) {
52	52	returnError();
53	53	}

		@@ -19,7 +19,7 @@
		block discarded – undo
19	19
20	20	list($type, $data) = explode(" ", getallheaders()['Authorization'], 2);
21	21	if (strcasecmp($type, "Bearer") == 0) {
22		- if($_COOKIE["appToken"] === $data){
	22	+ if ($_COOKIE["appToken"] === $data) {
23	23	return $_COOKIE["appToken"];
24	24	}
25	25	}

eliareutlinger / minska-api

Push — master ( 0c3d52...16e6d7 )

Status

Category

Spacing +1 added lines, -1 removed lines patch added patch discarded remove patch

Spacing +1 added lines, -1 removed lines patch added patch discarded remove patch

Spacing +1 added lines, -1 removed lines patch added patch discarded remove patch

Spacing +1 added lines, -1 removed lines patch added patch discarded remove patch