nickajacks1
97da409533
🎨 Style!: Update CSRF and Limiter to remove repetitive names (#2846)
...
chore!: Update CSRF and Limiter to remove repetitive names
The `exported` rule of revive warns to not repeat the package name in
method names. For example, prefer `csrf.FromCookie` over
`csrf.CsrfFromCookie`.
This is a breaking change for v3.
It appears that these issues will not be caught by the linter until the
`exported` rule is reenabled. This requires comments on all exported
symbols, which is a much broader effort.
2024-02-10 19:50:29 +01:00
Muhammed Efe Cetin
1588b6b602
Merge remote-tracking branch 'origin/master'
2024-01-13 18:26:07 +03:00
Jason McNeil
2954e3bbae
♻️ v3: fix!: ContextKey collisions (#2781)
...
* fix: ContextKey collisions
* fix(logger): lint error
* docs(csrf): fix potential range error in example
2024-01-04 09:44:45 +01:00
Jason McNeil
2374cad3cd
📄 docs: improve csrf docs (#2726)
...
* docs: improve csrf docs
- fix issues with `X-Csrf-Token` capitalization inconsistency.
- reduce redundancy and repetition.
- improve grammar.
* docs: update middleware description
* docs: within vs in
* docs: deleting tokens
* docs: MUST
* docs: add colon
* docs: all modern browsers
* docs: patterns
* docs: improve phrasing of pattern options
2023-11-16 12:34:31 +01:00
Muhammed Efe Cetin
6ea4d81331
Merge branch 'master' into v3-beta
2023-11-07 20:22:31 +03:00
René Werner
bb90fc1187
fix lint errors
2023-10-11 15:16:35 +02:00
Jason McNeil
b50d91d58e
Merge pull request from GHSA-94w9-97p3-p368
...
* feat: improved csrf with session support
* fix: double submit cookie
* feat: add warning cookie extractor without session
* feat: add warning CsrfFromCookie SameSite
* fix: use bytes.Equal instead
* fix: Overridden CookieName KeyLookup cookie:<name>
* feat: Create helpers.go
* feat: use compareTokens (constant time compare)
* feat: validate cookie to prevent token injection
* refactor: clean up csrf.go
* docs: update comment about Double Submit Cookie
* docs: update docs for CSRF changes
* feat: add DeleteToken
* refactor: no else
* test: add more tests
* refactor: re-order tests
* docs: update safe methods RFC add note
* test: add CSRF_Cookie_Injection_Exploit
* feat: add SingleUseToken config
* test: check for new token
* docs: use warning
* fix: always register type Token
* feat: use UUIDv4
* test: swap in UUIDv4 here too
2023-10-11 14:41:42 +02:00
Jiun Lee
fefc533834
🚀 Add Logger interface and fiberlog (#2499)
...
* add log for fiber
* replace log in fiber
* add Log use to adapt for log libraries
* Update app.go
Co-authored-by: Tomás Warynyca <41587659+tomaswarynyca@users.noreply.github.com>
* wip: add log docs
* add WithLogger use to print key and value
* remove CtxLogger and add WithContext use to bind Context
* fix errcheck
* fix errcheck
* update log.md
---------
Co-authored-by: Tomás Warynyca <41587659+tomaswarynyca@users.noreply.github.com>
2023-06-26 08:16:57 +02:00
RW
3a7dbd0b48
🚀 Consistent way of logging and fix middleware log format #2432 (#2444)
...
- change log pattern
2023-05-01 18:52:30 +02:00
Kousik Mitra
a59d9bac59
🚀 Consistent way of logging and fix middleware log format (#2432)
...
* 🚀 Replace fmt.Print* with log.Print* (#2402)
* 🚀 Fix middleware logging format (#2402)
2023-05-01 10:01:27 +02:00
Muhammed Efe Çetin
088cde594d
Merge remote-tracking branch 'origin/master' into v3-beta
2023-02-05 23:43:42 +03:00
leonklingele
ac4ce21d9c
🐛 Bug: Fix issues introduced in linting PR (#2319)
...
* internal: revert linting changes
Changes to the internal package should not have been made in 167a8b5e94.
* middleware/monitor: revert changes to exported field "ChartJSURL"
This is a breaking change introduced in 167a8b5e94.
* middleware/monitor: fix error checking
Fix the erroneous error checking introduced in 167a8b5e94.
* 🐛 Bug: Fix issues introduced in linting PR #2319
* 🐛 Bug: Fix issues introduced in linting PR #2319
* Bug: Fix issues introduced in linting PR #2319
---------
Co-authored-by: René Werner <rene@gofiber.io>
2023-02-02 15:57:40 +01:00
leonklingele
167a8b5e94
🚀 Feature: Add and apply stricter golangci-lint linting rules (#2286)
...
* golangci-lint: add and apply stricter linting rules
* github: drop security workflow now that we use gosec linter inside golangci-lint
* github: use official golangci-lint CI linter
* Add editorconfig and gitattributes file
2023-01-27 09:01:37 +01:00
Kris Carr
f26d9b1d4e
v3 (deps): update to use gofiber/utils/v2 (#2184)
2022-10-31 16:44:53 +03:00
Muhammed Efe Çetin
ca6f25a890
➕ v3 (deps): move `utils` to `https://github.com/gofiber/utils`
2022-09-23 21:19:44 +03:00
Muhammed Efe Çetin
319b8ea3a8
Merge remote-tracking branch 'origin/master' into v3-beta
2022-09-03 23:56:45 +03:00
RW
ec96d161a0
Fix csrf middleware behavior with header key lookup (#2063)
...
* 🐛 [Bug]: Strange CSRF middleware behavior with header KeyLookup configuration #2045
2022-08-30 14:48:31 +02:00
Jason McNeil
6272d759eb
🚀 [Feature]: middleware/csrf custom extractor (#2052)
...
* feat(middleware/csrf): allow custom Extractor
* test: update Test_CSRF_From_Custom
* docs: add comma
* docs: update KeyLookup docs
2022-08-28 18:57:47 +02:00
M. Efe Çetin
a458bd344c
✨ v3 (feature): convert fiber.Ctx type to interface (#1928)
...
* ✨ v3: convert fiber.Ctx type to interface
* update ctx methods
* add new methods to customize ctx, fix some problems
* update comments.
* fix something
2022-07-13 07:48:29 +02:00
Muhammed Efe Çetin
edd89de2d6
v3: remove deprecations
2022-05-31 17:50:31 +03:00
Muhammed Efe Çetin
1188144d78
🎉 v3: init
2022-05-31 17:35:49 +03:00
Abhishek Mehandiratta
68fcd8c88f
Feature: Session Only Cookies (#1752)
...
* feat(ctx): add SessionOnly property on Cookie struct
* feat(middleware/config): add CookieSessionOnly property on middleware Config struct
* feat(csrf): link config CookieSessionOnly with fiber.Cookie in create middleware function
* fix(ctx_test): add tests for SessionOnly cookie in test_ctx_cookie
* fix(readme): update readme in csrf middleware for CookieSessionOnly property
* remove deprecated property from CookieSessionOnly explanation comments
2022-02-07 13:35:00 +01:00
Jason McNeil
af6b204e50
CookieSameSite default "Lax" (#1640)
2021-12-02 07:41:44 +01:00
iRedMail
078b6e295a
Fix comment in middleware/csrf/config.go
2021-03-20 12:58:08 +08:00
hi019
86e43593cd
CSRF MW Restructuring
2021-03-01 16:25:32 -05:00
hinoguma
1ad5a618cb
make default handler to private. fix testcase for invalid token and empty token.
2021-01-23 12:39:27 +09:00
hinoguma
19e6a4429d
add custom error func for csrf middleware
2021-01-23 03:45:47 +09:00
amalshaji
86f258c4ae
fixed cookie error in csrf.go
2020-12-10 10:45:21 +05:30
Fenny
6338ce855c
🩹 fix csrf test
2020-11-14 03:09:53 +01:00
Fenny
6b48509ce9
✨ update cookie config fields
2020-11-14 00:45:55 +01:00
Fenny
558d802cdd
🩹 Fix expiration check
2020-11-13 18:34:01 +01:00
Fenny
ce897c0b66
🩹 fix tests
2020-11-11 18:34:46 +01:00
Fenny
66ee4de7d8
🕊 rename token to key
2020-11-11 18:19:53 +01:00
Fenny
1bd7b1b15b
✏ fix typo
2020-11-11 16:41:26 +01:00
Fenny
2b0f65c5d2
✏ update readme
2020-11-11 15:57:38 +01:00
Fenny
053dfd383d
🩹 fix csrf middleware
2020-11-11 15:25:35 +01:00