csrf

package
v0.1.21 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 10, 2025 License: MIT Imports: 8 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrNoToken      = errors.New("没有提供CSRF令牌")
	ErrInvalidToken = errors.New("无效的CSRF令牌")
)

Functions

func NewMiddleware 

func NewMiddleware(opts Options) mist.Middleware

NewMiddleware 创建一个新的CSRF中间件

func WithDefaultCSRF 

func WithDefaultCSRF() mist.Middleware

WithDefaultCSRF 使用默认选项创建CSRF中间件

Types

type Options 

type Options struct {
	// TokenLength 令牌长度
	TokenLength int

	// TokenExpiry 令牌有效期
	TokenExpiry time.Duration

	// CookieName CSRF令牌cookie名称
	CookieName string

	// HeaderName CSRF令牌头名称
	HeaderName string

	// FormField CSRF令牌表单字段名称
	FormField string

	// CookiePath Cookie路径
	CookiePath string

	// CookieDomain Cookie域
	CookieDomain string

	// CookieSecure 是否只通过HTTPS发送Cookie
	CookieSecure bool

	// CookieHTTPOnly 是否禁止JavaScript访问Cookie
	CookieHTTPOnly bool

	// CookieSameSite Cookie的SameSite属性
	CookieSameSite http.SameSite

	// TrustedOrigins 可信来源列表
	TrustedOrigins []string

	// IgnoreMethods 忽略的HTTP方法列表
	IgnoreMethods []string

	// ErrorHandler 错误处理函数
	ErrorHandler func(*mist.Context, error)
}

Options CSRF中间件选项

func DefaultOptions 

func DefaultOptions() Options

DefaultOptions 返回默认CSRF中间件选项

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.