x/web-app-template
Archived
Template
2
0
Fork 0
Code Issues 13 Pull Requests 4 Actions Packages Activity

tbs

Browse Source
This commit is contained in:
Tim Wundenberg
2024-12-06 21:54:59 +01:00
parent 0170d63ae9
commit 04c6d0e71d
5 changed files with 192 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
handler/middleware/cross_site_request_forgery.go
View File

@@ -11,12 +11,17 @@ func CrossSiteRequestForgery(auth *service.Auth) func(http.Handler) http.Handler
// session := r.Context().Value(SessionKey)
if r.Method == "POST" {
if r.Method == http.MethodPost ||
r.Method == http.MethodPut ||
r.Method == http.MethodDelete ||
r.Method == http.MethodPatch {
csrfToken := r.FormValue("csrf-token")
if csrfToken == "" {
http.Error(w, "", http.StatusForbidden)
return
}
}
next.ServeHTTP(w, r)