csrf

package
v1.1.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 18, 2016 License: Apache-2.0 Imports: 3 Imported by: 0

Documentation

Index

Constants

View Source 
const CSRFKey = "csrf"

Variables

This section is empty.

Functions

This section is empty.

Types

type CSRF 

type CSRF interface {
	// Generate returns a CSRF token suitable for inclusion in a form
	Generate(http.ResponseWriter, *http.Request) (string, error)
	// Check returns true if the given token is valid for the given request
	Check(*http.Request, string) (bool, error)
}

CSRF handles generating a csrf value, and checking the submitted value

func NewCookieCSRF 

func NewCookieCSRF(name, path, domain string, secure, httponly bool) CSRF

NewCookieCSRF stores random CSRF tokens in a cookie created with the given options. Empty CSRF tokens or tokens that do not match the value of the cookie on the request are rejected.

func NewEmptyCSRF 

func NewEmptyCSRF() CSRF

NewEmptyCSRF returns a CSRF object which generates empty CSRF tokens, and accepts any token as valid

func NewSessionCSRF 

func NewSessionCSRF(store session.Store, name string) CSRF

NewSessionCSRF stores CSRF tokens in a session with the given name. Empty CSRF tokens or tokens that do not match the value in the session are rejected.

type FakeCSRF 

type FakeCSRF struct {
	Token string
	Err   error
}

FakeCSRF returns the given token and error for testing purposes

func (*FakeCSRF) Check 

func (c *FakeCSRF) Check(req *http.Request, value string) (bool, error)

Check implements the CSRF interface

func (*FakeCSRF) Generate 

func (c *FakeCSRF) Generate(w http.ResponseWriter, req *http.Request) (string, error)

Generate implements the CSRF interface

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.