Skip to content
This repository has been archived by the owner on May 24, 2022. It is now read-only.

Add CSRF protection to all forms #24

Open
MFAshby opened this issue Nov 19, 2019 · 1 comment
Open

Add CSRF protection to all forms #24

MFAshby opened this issue Nov 19, 2019 · 1 comment
Labels
bug Something isn't working good first issue Good for newcomers

Comments

@MFAshby
Copy link
Owner

MFAshby commented Nov 19, 2019

Go http server doesn't add CSRF protection by default. We should probably add this.

A reasonably simple implementation is described here: https://golangexample.com/csrf-protection-middleware-for-go/
@MFAshby MFAshby added bug Something isn't working good first issue Good for newcomers labels Nov 19, 2019
@MFAshby
Copy link
Owner Author

MFAshby commented Feb 15, 2020

Or gorilla do a drop-in middleware: https://github.com/gorilla/csrf

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug Something isn't working good first issue Good for newcomers
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@MFAshby