08d9fda631
✨ enhancement: use msgp for flash message encoding/decoding ( #3099 )
...
* enhancement: use msgp for flash message encoding/decoding
* add msgp tests
* improve test coverage
* improve test coverage
* fix linter
* update makefile
* extend go generation process
---------
Co-authored-by: Juan Calderon-Perez <835733+gaby@users.noreply.github.com>
Co-authored-by: René <rene@gofiber.io>
2024-08-29 16:45:16 +02:00
25e399213c
chore: Add support for go1.23 and golangci-lint v1.60.1 ( #3101 )
...
* Bump min go to 1.22, bump golangci-lint to v1.60.1, regenerate all msgp
* Fix golanci-lint issues
* Fix golanci-lint issues
2024-08-14 09:14:04 +02:00
6ea4d81331
Merge branch 'master' into v3-beta
2023-11-07 20:22:31 +03:00
b50d91d58e
Merge pull request from GHSA-94w9-97p3-p368
...
* feat: improved csrf with session support
* fix: double submit cookie
* feat: add warning cookie extractor without session
* feat: add warning CsrfFromCookie SameSite
* fix: use byes.Equal instead
* fix: Overriden CookieName KeyLookup cookie:<name>
* feat: Create helpers.go
* feat: use compareTokens (constant time compare)
* feat: validate cookie to prevent token injection
* refactor: clean up csrf.go
* docs: update comment about Double Submit Cookie
* docs: update docs for CSRF changes
* feat: add DeleteToken
* refactor: no else
* test: add more tests
* refactor: re-order tests
* docs: update safe methods RCF add note
* test: add CSRF_Cookie_Injection_Exploit
* feat: add SingleUseToken config
* test: check for new token
* docs: use warning
* fix: always register type Token
* feat: use UUIDv4
* test: swap in UUIDv4 here too
2023-10-11 14:41:42 +02:00
M. Efe Çetin
Juan Calderon-Perez
Jason McNeil