0.1.0 • Published 10 years ago

seasurf v0.1.0

Weekly downloads
3
License
MIT
Repository
github
Last release
10 years ago

seasurf

CSRF session middleware.

Installation

$ npm install seasurf

Usage

var seasurf = require('seasurf');

// All paths past this point have access to the csrfToken method
app.use(seasurf({
  // see Options
});

Options

paths: Array of leading pathnames to enforce CSRF tokens on (with an enforced method). Defaults to all paths.

methods: Array of HTTP method names to enforce CSRF tokens on (with an enforced path). Defaults to all methods.

session: Name of the key pointing to session data. Defaults to 'session'.

token(req, res): Function returning the CSRF token from a request. Defaults to the value of the X-CSRF-Token header.

unverified(req, res): Function called when a CSRF token cannot be verified. Defaults to an empty response with status 403.

License

Released under the terms of the MIT license. See LICENSE.

csrf
csrf
@infinitebrahmanuniverse/nolb-seas@everything-registry/sub-chunk-2725
0.1.0

10 years ago

0.0.1

10 years ago