
cirius-go/cirius


cirius

Golang starter kit for fast development

Security

Add a hidden input field with the CSRF token to all HTML forms that make POST, PUT or DELETE requests:

<form method="post" action="/submit">
    <input type="hidden" name="_csrf" value="{{ .csrfToken }}">
    <!-- other form fields go here -->
    <button type="submit">Submit</button>
</form>

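In the code above, we are using a Go template to render the HTML form. The .csrfToken variable should contain the value of the CSRF token generated by the csrf middleware. You can retrieve this value in your handler function using the echo.Context.Get() method (echo.Context comes from the labstack/echo package):

func SubmitHandler(c echo.Context) error {
    csrfToken, ok := c.Get("csrf").(string)
    if !ok { // the csrf middleware did not run; a bare .(string) would panic here
        return echo.ErrInternalServerError
    }
    _ = csrfToken // handle the form submission here
    return nil
}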

Note that the name of the CSRF token input field ("_csrf") should match the value of the csrf.Config.Fieldname property. If you change this value, make sure to update the name of the input field accordingly.
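The round trip described above (token rendered into the hidden field, then checked on submission), as an added standard-library example that is not part of this repository and is neither Echo's nor the project's csrf middleware. It assumes a double-submit cookie check; `handler`, `submit` and `fieldName` are hypothetical names, and the tokens passed in `main` are constructed values.

```go
package main

import (
	"crypto/rand"
	"crypto/subtle"
	"encoding/hex"
	"fmt"
	"html/template"
	"net/http"
	"net/http/httptest"
	"net/url"
	"strings"
)

const fieldName = "_csrf" // assumed name; must equal the hidden input's name attribute
var formTmpl = template.Must(template.New("form").Parse(
	`<form method="post" action="/submit"><input type="hidden" name="_csrf" value="{{ .csrfToken }}"></form>`))

// handler issues a token on GET; otherwise 403 unless the field equals a non-empty token cookie.
func handler(w http.ResponseWriter, r *http.Request) {
	if r.Method == http.MethodGet {
		b := make([]byte, 32)
		if _, err := rand.Read(b); err != nil {
			panic(err) // no entropy: never fall back to a predictable token
		}
		tok := hex.EncodeToString(b)
		http.SetCookie(w, &http.Cookie{Name: fieldName, Value: tok, HttpOnly: true, SameSite: http.SameSiteStrictMode})
		formTmpl.Execute(w, map[string]string{"csrfToken": tok})
		return
	}
	c, err := r.Cookie(fieldName)
	if err != nil || c.Value == "" || subtle.ConstantTimeCompare([]byte(c.Value), []byte(r.PostFormValue(fieldName))) != 1 {
		http.Error(w, "invalid CSRF token", http.StatusForbidden)
		return
	}
	w.WriteHeader(http.StatusOK)
}

func submit(cookie, field string) int { // POSTs a constructed form body, returns the status code
	req := httptest.NewRequest(http.MethodPost, "/submit", strings.NewReader(url.Values{fieldName: {field}}.Encode()))
	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
	req.AddCookie(&http.Cookie{Name: fieldName, Value: cookie})
	rec := httptest.NewRecorder()
	handler(rec, req)
	return rec.Code
}

func main() {
	fmt.Println(submit("abc", "abc"), submit("abc", "xyz"), submit("", "")) // constructed values
}
```

The explicit empty-cookie check matters because two empty strings compare equal, so a request carrying no token at all would otherwise be accepted.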
