Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
tree: 0ae7998975
Fetching contributors…

Cannot retrieve contributors at this time

22 lines (17 sloc) 0.699 kB
section
h3(id='csrf') csrf()
p.
CRSF protection middleware.
p.
By default this middleware generates a token named "_csrf"
which should be added to requests which mutate
state, within a hidden form field, query-string etc. This
token is validated against the visitor's <code>req.session._csrf</code>
property.
p.
The default <code>value</code> function checks <code>req.body</code> generated
by the <code>bodyParser()</code> middleware, <code>req.query</code> generated
by <code>query()</code>, and the "X-CSRF-Token" header field.
p.
This middleware requires session support, thus should be added
somewhere below <code>session()</code>.
Jump to Line
Something went wrong with that request. Please try again.