38a55e88e9
* Merge remote-tracking branch 'refs/remotes/origin/dev' into fix-for-csrf Fix CSRF protection Seems like it doesn't work anymore... I tried to fix it but couldn't get /api without csrf. So I changed the dependency for another csrf package (nosurf). Behavior: Same as previously. You just have to include the block csrf_token * changing dependency to nosurf
12 lignes
206 o
Go
12 lignes
206 o
Go
// +build go1.7
|
|
|
|
package nosurf
|
|
|
|
import (
|
|
"context"
|
|
"net/http"
|
|
)
|
|
|
|
func addNosurfContext(r *http.Request) *http.Request {
|
|
return r.WithContext(context.WithValue(r.Context(), nosurfKey, &csrfContext{}))
|
|
}
|