aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/middleware/csrf.go
diff options
context:
space:
mode:
Diffstat (limited to 'server/middleware/csrf.go')
-rw-r--r--server/middleware/csrf.go6
1 files changed, 4 insertions, 2 deletions
diff --git a/server/middleware/csrf.go b/server/middleware/csrf.go
index 74736b5..0c07e42 100644
--- a/server/middleware/csrf.go
+++ b/server/middleware/csrf.go
@@ -6,11 +6,13 @@ package middleware
import (
"context"
- "github.com/miniflux/miniflux2/helper"
"log"
"net/http"
+
+ "github.com/miniflux/miniflux2/helper"
)
+// Csrf is a middleware that handle CSRF tokens.
func Csrf(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
var csrfToken string
@@ -32,7 +34,7 @@ func Csrf(next http.Handler) http.Handler {
}
ctx := r.Context()
- ctx = context.WithValue(ctx, "CsrfToken", csrfToken)
+ ctx = context.WithValue(ctx, CsrfContextKey, csrfToken)
w.Header().Add("Vary", "Cookie")
isTokenValid := csrfToken == r.FormValue("csrf") || csrfToken == r.Header.Get("X-Csrf-Token")
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-10 13:49:04 +0000