package
0.0.0-20240811142457-7e33354fa83f
Repository: https://github.com/hidevopsio/middleware.git
Documentation: pkg.go.dev
# Functions
CookieName changes the name of the CSRF cookie issued to clients.
Domain sets the cookie domain.
ErrorHandler allows you to change the handler called when CSRF request processing encounters an invalid token or request.
FailureReason makes CSRF validation errors available in the request context.
FieldName allows you to change the name attribute of the hidden <input> field inspected by this package.
HTTPOnly sets the 'HTTPOnly' flag on the cookie.
MaxAge sets the maximum age (in seconds) of a CSRF token's underlying cookie.
New returns a new csrf middleware.
Path sets the cookie path.
Protect is HTTP middleware that provides Cross-Site Request Forgery protection.
RequestHeader allows you to change the request header the CSRF middleware inspects.
Secure sets the 'Secure' flag on the cookie.
TemplateField is a template helper for html/template that provides an <input> field populated with a CSRF token.
Token returns a masked CSRF token ready for passing into HTML template or a JSON response body.
UnsafeSkipCheck will skip the CSRF check for any requests.
# Variables
ErrBadReferer is returned when the scheme & host in the URL do not match the supplied Referer header.
ErrBadToken is returned if the CSRF token in the request does not match the token in the session, or is otherwise malformed.
ErrNoReferer is returned when a HTTPS request provides an empty Referer header.
ErrNoToken is returned if no CSRF token is supplied in the request.
TemplateTag provides a default template tag - e.g.
# Type aliases
Option describes a functional option for configuring the CSRF handler.