- Posts: 6
- Thank you received: 1
Welcome to the LimeSurvey Community Forum
Ask the community, share ideas, and connect with other LimeSurvey users!
Is possible to create a public action non protected by login
- LaCaraB
- Topic Author
- Offline
- New Member
Less
More
4 years 8 months ago #186471
by LaCaraB
Is possible to create a public action non protected by login was created by LaCaraB
I'm implementing a plugin and I need to process a POST parameter generated by a 3rd party service in a view.
I have 2 alternatives:
- Process it in the authentication view.
Problem: CSRF issues since this view request a CSRF Token that the IdP ignores. Disable this check on the authentication login is not possible due security implications.
- Process it in a public view.
Problem: Right now I don't know how to create at the plugin an action where non logged users can access without being redirected to login view.
Can anyone share how create a such public action?
I have 2 alternatives:
- Process it in the authentication view.
Problem: CSRF issues since this view request a CSRF Token that the IdP ignores. Disable this check on the authentication login is not possible due security implications.
- Process it in a public view.
Problem: Right now I don't know how to create at the plugin an action where non logged users can access without being redirected to login view.
Can anyone share how create a such public action?
The topic has been locked.
- gabrieljenik
- Offline
- Official LimeSurvey Partner
Less
More
- Posts: 272
- Thank you received: 45
4 years 8 months ago #186473
by gabrieljenik
Solutions, code and workarounds presented in these forums are given without any warranty, implied or otherwise.
Checkout our Reporting Solutions and our plugin shop at www.encuesta.biz .
Replied by gabrieljenik on topic Is possible to create a public action non protected by login
Hi,
I believe the unsecureRequest event could fit what you need, but to be honest, I don't remember an example of usage...
I believe the unsecureRequest event could fit what you need, but to be honest, I don't remember an example of usage...
Solutions, code and workarounds presented in these forums are given without any warranty, implied or otherwise.
Checkout our Reporting Solutions and our plugin shop at www.encuesta.biz .
The topic has been locked.
- DenisChenu
- Offline
- LimeSurvey Community Team
Less
More
- Posts: 13935
- Thank you received: 2551
4 years 8 months ago #186478
by DenisChenu
Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
Replied by DenisChenu on topic Is possible to create a public action non protected by login
I use
manual.limesurvey.org/NewUnsecureRequest
to extend remote control.
For redirection : code sample : gitlab.com/SondagesPro/ExportAndStats/qu...AndStat.php#L446-449
For redirection : code sample : gitlab.com/SondagesPro/ExportAndStats/qu...AndStat.php#L446-449
Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
The topic has been locked.