Muhammed Efe Cetin
|
6ea4d81331
|
Merge branch 'master' into v3-beta
|
2023-11-07 20:22:31 +03:00 |
Jason McNeil
|
8c3916dbf4
|
Merge pull request from GHSA-94w9-97p3-p368
* feat: improved csrf with session support
* fix: double submit cookie
* feat: add warning cookie extractor without session
* feat: add warning CsrfFromCookie SameSite
* fix: use bytes.Equal instead
* fix: Overridden CookieName KeyLookup cookie:<name>
* feat: Create helpers.go
* feat: use compareTokens (constant time compare)
* feat: validate cookie to prevent token injection
* refactor: clean up csrf.go
* docs: update comment about Double Submit Cookie
* docs: update docs for CSRF changes
* feat: add DeleteToken
* refactor: no else
* test: add more tests
* refactor: re-order tests
* docs: update safe methods RFC add note
* test: add CSRF_Cookie_Injection_Exploit
* feat: add SingleUseToken config
* test: check for new token
* docs: use warning
* fix: always register type Token
* feat: use UUIDv4
* test: swap in UUIDv4 here too
* fix: raw token injection
* fix: merge error
* feat: Sentinel errors
* chore: rename test
* fix: url parse
* test: add path to referer
* test: add expiration tests
* docs: add cookie prefix note
* docs: fix typo
* docs: add warning for refer checks
* test: add referer edge cases
And call ctx.Request.Reset() and
ctx.Response.Reset() before re-using ctx.
|
2023-10-16 09:06:30 +02:00 |
Muhammed Efe Çetin
|
319b8ea3a8
|
Merge remote-tracking branch 'origin/master' into v3-beta
|
2022-09-03 23:56:45 +03:00 |
Jason McNeil
|
6272d759eb
|
🚀 [Feature]: middleware/csrf custom extractor (#2052)
* feat(middleware/csrf): allow custom Extractor
* test: update Test_CSRF_From_Custom
* docs: add comma
* docs: update KeyLookup docs
|
2022-08-28 18:57:47 +02:00 |
M. Efe Çetin
|
a458bd344c
|
✨ v3 (feature): convert fiber.Ctx type to interface (#1928)
* ✨ v3: convert fiber.Ctx type to interface
* update ctx methods
* add new methods to customize ctx, fix some problems
* update comments.
* fix something
|
2022-07-13 07:48:29 +02:00 |
Muhammed Efe Çetin
|
1188144d78
|
🎉 v3: init
|
2022-05-31 17:35:49 +03:00 |
Gusted
|
7b7dcf29f7
|
♻️ Tidy up the codebase (#1613)
* run gofmt
* add t.Helper()
* Simplify assigns
* Simplify make operation
* Remove unused field in struct
* Fix typo
* Run gofumpt ./
* Consistent spacing
* len(...) can never be negative
* Use ReplaceAll
* Simplify operation
* Remove deadcode
* Fix typo
* Tidy up `} else { if ...`
* Fix AssertEqual
* Remove t.Helper() to fix go1.14.15
|
2021-11-05 08:00:03 +01:00 |
hi019
|
86e43593cd
|
CSRF MW Restructuring
|
2021-03-01 16:25:32 -05:00 |