Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

hmac encoded csrf token #79

Merged
merged 2 commits into from Jan 7, 2021
Merged

hmac encoded csrf token #79

merged 2 commits into from Jan 7, 2021

Conversation

willemvermeer
Copy link

Hi, this is a first iteration of a PR to resolve issue #77
I have provided a minimal implementation and am open to suggestions for improvement. For example, I decided to reuse the existing server secret to hash the timestamp, instead of defining a second server secret for this new purpose (personally I think it can do no harm to reuse the same server secret, but feel free to disagree, in which case we'll have to add config changes for an additional server secret).
Best,
Willem

@adamw adamw merged commit c4c8227 into softwaremill:master Jan 7, 2021
1 check passed
@adamw
Copy link
Member

adamw commented Jan 7, 2021

Thank you! Released in 0.6.1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

2 participants