GOMODULES
/
fiber
mirror of https://github.com/gofiber/fiber.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
3,789 Commits
25 Branches
128 Tags
169 MiB
Commit Graph

16 Commits (389e63d2c207038639062ff9a7bd73592cdc0696)

Author SHA1 Message Date
RW 389e63d2c2
Update csrf.md 
fix readme example
 2024-02-10 19:51:20 +01:00
nickajacks1 97da409533
🎨 Style!: Update CSRF and Limiter to remove repetitive names (#2846) 
chore!: Update CSRF and Limiter to remove repetitive names

The `exported` rule of revive warns to not repeat the package name in
method names. For example, prefer `csrf.FromCookie` over
`csrf.CsrfFromCookie`.

This is a breaking change for v3.

It appears that these issues will not be caught by the linter until the
`exported` rule is reenabled. This requires comments on all exported
symbols, which is a much broader effort.
 2024-02-10 19:50:29 +01:00
Muhammed Efe Cetin 1588b6b602
Merge remote-tracking branch 'origin/master' 2024-01-13 18:26:07 +03:00
René Werner 96344abbd8 change golang pkg for docs 2024-01-08 16:42:07 +01:00
nickajacks1 956b66d95f
📚 Doc: Update handler signature for v3 (#2794) 
📚 Doc: fix handler signature for v3
 2024-01-08 16:31:15 +01:00
Jason McNeil 2954e3bbae
♻️ v3: fix!: ContextKey collisions (#2781) 
* fix: ContextKey collisions

* fix(logger): lint error

* docs(csrf): fix potential range error in example
 2024-01-04 09:44:45 +01:00
Jason McNeil 2374cad3cd
📄 docs: improve csrf docs (#2726) 
* docs: improve csrf docs

- fix issues with `X-Csrf-Token` capitalization inconsistency.
- reduce redundancy and repetition.
- improve grammar.

* docs: update middleware description

* docs: within vs in

* docs: deleting tokens

* docs: MUST

* docs: add colon

* docs: all modern browsers

* docs: patterns

* docs: improve phrasing of pattern options
 2023-11-16 12:34:31 +01:00
Jason McNeil 4bf3695125
📄 docs: enhance csrf.md (#2692) 
* docs: enhance csrf.md

* docs: simplify language

* docs: update csrf.md

* docs: delete token/session reminders

* docs: and ! or
 2023-10-27 13:45:30 +02:00
RW 6f0d34d39e
Update csrf.md 2023-10-16 14:31:28 +02:00
Jason McNeil 8c3916dbf4
Merge pull request from GHSA-94w9-97p3-p368 
* feat: improved csrf with session support

* fix: double submit cookie

* feat: add warning cookie extractor without session

* feat: add warning CsrfFromCookie SameSite

* fix: use byes.Equal instead

* fix: Overriden CookieName KeyLookup cookie:<name>

* feat: Create helpers.go

* feat: use compareTokens (constant time compare)

* feat: validate cookie to prevent token injection

* refactor: clean up csrf.go

* docs: update comment about Double Submit Cookie

* docs: update docs for CSRF changes

* feat: add DeleteToken

* refactor: no else

* test: add more tests

* refactor: re-order tests

* docs: update safe methods RCF add note

* test: add CSRF_Cookie_Injection_Exploit

* feat: add SingleUseToken config

* test: check for new token

* docs: use warning

* fix: always register type Token

* feat: use UUIDv4

* test: swap in UUIDv4 here too

* fix: raw token injection

* fix: merege error

* feat: Sentinel errors

* chore: rename test

* fix: url parse

* test: add path to referer

* test: add expiration tests

* docs: add cookie prefix note

* docs: fix typo

* docs: add warning for refer checks

* test: add referer edge cases

And call ctx.Request.Reset() and
ctx.Response.Reset() before re-using ctx.
 2023-10-16 09:06:30 +02:00
Jason McNeil b50d91d58e
Merge pull request from GHSA-94w9-97p3-p368 
* feat: improved csrf with session support

* fix: double submit cookie

* feat: add warning cookie extractor without session

* feat: add warning CsrfFromCookie SameSite

* fix: use byes.Equal instead

* fix: Overriden CookieName KeyLookup cookie:<name>

* feat: Create helpers.go

* feat: use compareTokens (constant time compare)

* feat: validate cookie to prevent token injection

* refactor: clean up csrf.go

* docs: update comment about Double Submit Cookie

* docs: update docs for CSRF changes

* feat: add DeleteToken

* refactor: no else

* test: add more tests

* refactor: re-order tests

* docs: update safe methods RCF add note

* test: add CSRF_Cookie_Injection_Exploit

* feat: add SingleUseToken config

* test: check for new token

* docs: use warning

* fix: always register type Token

* feat: use UUIDv4

* test: swap in UUIDv4 here too
 2023-10-11 14:41:42 +02:00
René Werner 443804e95d improved the config section of the middleware readme´s 2023-07-24 17:03:11 +02:00
RW 51ea636b60
improved the config section of the middleware readme´s (#2552) 2023-07-24 16:46:50 +02:00
cmd777 8b1f9260a3
📚 Docs: Fix typos, and make middleware documentation more consistent (#2408) 
Fix typos, and make docs more consistent
This fixes several typos in the ISSUE_TEMPLATES, as well as improve
their readability, also makes the documentation markdowns more
consistent
 2023-04-10 10:48:12 +08:00
René Werner 1f52799686 Refresh middleware documentation 2023-03-24 13:23:52 +01:00
M. Efe Çetin b3643198f8
📝 docs: automated synchronization with `gofiber/docs` (#2344) 
Automated Synchronization with gofiber/docs repo
 2023-02-25 10:29:07 +01:00