Version: v1.0.8 Latest Latest

This package is not in the latest version of its module.

Go to latest
Published: Nov 7, 2015 License: Apache-2.0 Imports: 3 Imported by: 0




View Source
const CSRFKey = "csrf"


This section is empty.


This section is empty.


type CSRF

type CSRF interface {
	// Generate returns a CSRF token suitable for inclusion in a form
	Generate(http.ResponseWriter, *http.Request) (string, error)
	// Check returns true if the given token is valid for the given request
	Check(*http.Request, string) (bool, error)

CSRF handles generating a csrf value, and checking the submitted value

func NewCookieCSRF

func NewCookieCSRF(name, path, domain string, secure, httponly bool) CSRF

NewCookieCSRF stores random CSRF tokens in a cookie created with the given options. Empty CSRF tokens or tokens that do not match the value of the cookie on the request are rejected.

func NewEmptyCSRF

func NewEmptyCSRF() CSRF

NewEmptyCSRF returns a CSRF object which generates empty CSRF tokens, and accepts any token as valid

func NewSessionCSRF

func NewSessionCSRF(store session.Store, name string) CSRF

NewSessionCSRF stores CSRF tokens in a session with the given name. Empty CSRF tokens or tokens that do not match the value in the session are rejected.

type FakeCSRF

type FakeCSRF struct {
	Token string
	Err   error

FakeCSRF returns the given token and error for testing purposes

func (*FakeCSRF) Check

func (c *FakeCSRF) Check(req *http.Request, value string) (bool, error)

Check implements the CSRF interface

func (*FakeCSRF) Generate

func (c *FakeCSRF) Generate(w http.ResponseWriter, req *http.Request) (string, error)

Generate implements the CSRF interface

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
t or T : Toggle theme light dark auto
y or Y : Canonical URL