PHPackages                             hardywen/cookie-csrf - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Security](/categories/security)
4. /
5. hardywen/cookie-csrf

ActiveLibrary[Security](/categories/security)

hardywen/cookie-csrf
====================

laravel4 自定义filter 用于防止多次提交表单及跨域提交表单

v0.2.1(11y ago)15811MITPHPPHP &gt;=5.4.0

Since May 13Pushed 11y ago1 watchersCompare

[ Source](https://github.com/hardywen/cookie-csrf)[ Packagist](https://packagist.org/packages/hardywen/cookie-csrf)[ RSS](/packages/hardywen-cookie-csrf/feed)WikiDiscussions master Synced today

READMEChangelog (3)Dependencies (1)Versions (4)Used By (0)

cookie-csrf
===========

[](#cookie-csrf)

\####改写一个 laravel 的 csrf filter。原来的的方式需要将token放到表单字段里一起提交。比较麻烦。 重新改写一个 cookie-csrf filter， 功能如下： #####1. 将 token 放在cookie里 (cookie\_csrf\_token)。 不需要每个表单都加上token字段，更方便使用。 #####2. token值使用后马上重新生成一个新token，可以有效防止重复提交。

\#Install

添加 `"hardywen/cookie-csrf": "v0.2.1"` 到 composer.json 里

运行 `composer update` 命令安装

\#Config 默认的配置是：

```
//路由白名单，pattern通过的就调用此filter,用于设定哪些链接调用
    'white_list' => array(
        '*'
    ),

    //路由黑名单，pattern通过的就【不】调用此filter，用于排除哪些链接调用
    'black_list' => array(
        'orders/notify/*' // 支付回调之类的外站调用本站接口链接
    ),

    'method' => array(
        'post',
        'put',
        'delete'
    )
```

即所有路径的 post,put,delete 方法都进行 cookie-csrf 过滤。

你可以运行 ` php artisan config:publish hardywen/cookie-csrf` 复制出配置文件，然后改按你的需要来配置。

当`route=>''`，则不自动使用cookie-csrf， 你可以自己按需要去手动调用 cookie-csrf 过滤。

\#Others

除了服务端进行防止重复提交之外，前台也应该用js防止重复提交表单的设置。例如防止jQuery ajax重复提交可以按以下方式配置：

```
//setup ajax default options
        var formSubmitting = false; // 防止ajax重复提交
        $.ajaxSetup({
            beforeSend: function () {
                if (formSubmitting) {
                    return false;
                } else {
                    formSubmitting = !formSubmitting;
                }
            },
            complete: function (xhr, status) {
                formSubmitting = !formSubmitting;
            }
        });
```

jQuery的ajax配置，在每次进行ajax之前需要判断一下是否正在处理表单，如果formSubmitting为true是，不会再提交。等ajax完成后，再将formSubmitting改回false。

防止直接提交表单的方式如下(点击submit按钮后将其disable,就不能再次点击了)：

```
//防止重复提交表单
        $("form").submit(function () {
            $(":submit", this).attr("disabled", "disabled");
        });
        ```
```

###  Health Score

26

—

LowBetter than 41% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity16

Limited adoption so far

Community8

Small or concentrated contributor base

Maturity50

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~3 days

Total

3

Last Release

4063d ago

### Community

Maintainers

![](https://www.gravatar.com/avatar/730b1d31144cf283dd5a4f979a32cff0fec848d33fd13bbe6488c5509417f6c7?d=identicon)[hardywen](/maintainers/hardywen)

---

Top Contributors

[![hardywen](https://avatars.githubusercontent.com/u/7113324?v=4)](https://github.com/hardywen "hardywen (16 commits)")

---

Tags

phplaravelcsrfLaravel 4multiple submission

### Embed Badge

![Health badge](/badges/hardywen-cookie-csrf/health.svg)

```
[![Health](https://phpackages.com/badges/hardywen-cookie-csrf/health.svg)](https://phpackages.com/packages/hardywen-cookie-csrf)
```

###  Alternatives

[psalm/plugin-laravel

Psalm plugin for Laravel

3355.3M346](/packages/psalm-plugin-laravel)[glushkovds/phpclickhouse-laravel

Adapter of the most popular library https://github.com/smi2/phpClickHouse to Laravel

2051.5M2](/packages/glushkovds-phpclickhouse-laravel)[tzsk/otp

A secure, database-free One-Time Password (OTP) generator and verifier for PHP and Laravel.

244672.1k1](/packages/tzsk-otp)[laravel-chronicle/core

Tamper-evident audit ledger for Laravel applications.

1213.1k3](/packages/laravel-chronicle-core)[laragear/poke

Keep your forms alive, avoid TokenMismatchException by gently poking your Laravel app

2112.7k](/packages/laragear-poke)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
