fiber

Commit Graph

Author	SHA1	Message	Date
Juan Calderon-Perez	8c3f81e2b7	v3: Use Named Fields Instead of Positional and Align Structures to Reduce Memory Usage (#3079 ) * Use composites for internal structures. Fix alignment of structures across Fiber * Update struct alignment in test files * Enable alignment check with govet * Fix ctx autoformat unit-test * Revert app Config struct. Add betteralign to Makefile * Disable comment on alert since it wont work for forks * Update benchmark.yml * Update benchmark.yml * Remove warning from using positional fields * Update router.go	2024-07-23 08:37:45 +02:00
René Werner	bb90fc1187	fix lint errors	2023-10-11 15:16:35 +02:00
Jason McNeil	b50d91d58e	Merge pull request from GHSA-94w9-97p3-p368 * feat: improved csrf with session support * fix: double submit cookie * feat: add warning cookie extractor without session * feat: add warning CsrfFromCookie SameSite * fix: use byes.Equal instead * fix: Overriden CookieName KeyLookup cookie:<name> * feat: Create helpers.go * feat: use compareTokens (constant time compare) * feat: validate cookie to prevent token injection * refactor: clean up csrf.go * docs: update comment about Double Submit Cookie * docs: update docs for CSRF changes * feat: add DeleteToken * refactor: no else * test: add more tests * refactor: re-order tests * docs: update safe methods RCF add note * test: add CSRF_Cookie_Injection_Exploit * feat: add SingleUseToken config * test: check for new token * docs: use warning * fix: always register type Token * feat: use UUIDv4 * test: swap in UUIDv4 here too	2023-10-11 14:41:42 +02:00

Author

SHA1

Message

Date

Juan Calderon-Perez

8c3f81e2b7

v3: Use Named Fields Instead of Positional and Align Structures to Reduce Memory Usage (#3079 )

* Use composites for internal structures. Fix alignment of structures across Fiber

* Update struct alignment in test files

* Enable alignment check with govet

* Fix ctx autoformat unit-test

* Revert app Config struct. Add betteralign to Makefile

* Disable comment on alert since it wont work for forks

* Update benchmark.yml

* Update benchmark.yml

* Remove warning from using positional fields

* Update router.go

2024-07-23 08:37:45 +02:00

René Werner

bb90fc1187

fix lint errors

2023-10-11 15:16:35 +02:00

Jason McNeil

b50d91d58e

Merge pull request from GHSA-94w9-97p3-p368

* feat: improved csrf with session support

* fix: double submit cookie

* feat: add warning cookie extractor without session

* feat: add warning CsrfFromCookie SameSite

* fix: use byes.Equal instead

* fix: Overriden CookieName KeyLookup cookie:<name>

* feat: Create helpers.go

* feat: use compareTokens (constant time compare)

* feat: validate cookie to prevent token injection

* refactor: clean up csrf.go

* docs: update comment about Double Submit Cookie

* docs: update docs for CSRF changes

* feat: add DeleteToken

* refactor: no else

* test: add more tests

* refactor: re-order tests

* docs: update safe methods RCF add note

* test: add CSRF_Cookie_Injection_Exploit

* feat: add SingleUseToken config

* test: check for new token

* docs: use warning

* fix: always register type Token

* feat: use UUIDv4

* test: swap in UUIDv4 here too

2023-10-11 14:41:42 +02:00

3 Commits (improve_timeout_mw_structure)