csrf

package
v1.4.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 16, 2025 License: MIT Imports: 2 Imported by: 0

Documentation

Overview

Copyright (c) 2024 Eli Janssen Use of this source code is governed by an MIT-style license that can be found in the LICENSE file.

Inspired by * https://github.com/golang/go/issues/73626 * https://github.com/tailscale/tailscale/pull/15735

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AllowSecFetchSiteSameSite added in v1.4.0 

func AllowSecFetchSiteSameSite() optionFunc

func Protect 

func Protect(optfuncs ...optionFunc) func(next http.Handler) http.Handler

Protect routes against CSRF attacks by requiring non-(GET|HEAD|OPTIONS) requests to specify the Sec-Fetch-Site header with the value "same-origin", or if Sec-Fetch-Site is missing, with an Origin header matching the hostname in the Host header.

Types

This section is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.