Skip to content

Commit

Permalink
set csrf cookie policy
Browse files Browse the repository at this point in the history
  • Loading branch information
@bueti
bueti committed Nov 12, 2023
1 parent 889cb16 commit fe0ef0b
Showing 1 changed file with 4 additions and 1 deletion.
5 changes: 4 additions & 1 deletion cmd/api/router.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,10 @@ func (app *application) registerMiddleware() {
app.echo.Use(middleware.Gzip())
app.echo.Use(middleware.CORS())
app.echo.Use(middleware.CSRFWithConfig(middleware.CSRFConfig{
TokenLookup: "form:csrf_token",
TokenLookup: "form:csrf_token",
CookieSecure: true,
CookieHTTPOnly: true,
CookieSameSite: http.SameSiteStrictMode,
}))
app.echo.Use(middleware.Secure())
app.echo.Use(middleware.BodyLimit("1M"))
Expand Down

0 comments on commit fe0ef0b

Please sign in to comment.