annotate tests/jsuni.ur @ 2116:ebfaab689570

The 2nd half of proper CSRF protection related to environment variables
author Adam Chlipala <adam@chlipala.net>
date Thu, 12 Feb 2015 15:09:26 -0500
parents e81434513720
children
rev   line source
adamc@1087 1 fun main () =
adamc@1087 2 s1 <- source "";
adamc@1087 3 s2 <- source "";
adamc@1087 4
adamc@1087 5 let
adamc@1087 6 fun echo s = return s
adamc@1087 7
adamc@1087 8 fun echoer () =
adamc@1087 9 v1 <- get s1;
adamc@1087 10 v1' <- rpc (echo v1);
adamc@1087 11 set s2 v1'
adamc@1087 12 in
adamc@1087 13 return <xml><body>
adamc@1087 14 <dyn signal={v <- signal s2; return (cdata v)}/><hr/>
adamc@1087 15 <ctextbox source={s1}/> <button onclick={echoer ()}/>
adamc@1087 16 </body></xml>
adamc@1087 17 end