Skip to content
This repository has been archived by the owner on Sep 14, 2022. It is now read-only.

Disable it for API routes #59

Closed
razvanz opened this issue Mar 3, 2015 · 2 comments
Closed

Disable it for API routes #59

razvanz opened this issue Mar 3, 2015 · 2 comments
Assignees
@dougwilson
Labels
question

Comments

@razvanz
Copy link

razvanz commented Mar 3, 2015

My node application routes the requests in two main categories /app, /api. The application uses csurf as described in the examples.

How can I disable it for the /api routes since I'm using token authentication (RFC 6750) and I don't want CSRF protection.
@dougwilson dougwilson self-assigned this Mar 3, 2015
@dougwilson
Copy link
Contributor

Rather than doing app.use(csurf()), you can do app.use('/app', csurf()) so that it only applies to your /app routes.

@razvanz
Copy link
Author

razvanz commented Mar 3, 2015

Thanks!

@razvanz razvanz closed this as completed Mar 3, 2015
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@dougwilson dougwilson

Labels
question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dougwilson @razvanz