Psifi-Solutions/csrf-csrf issues and pull requests

#81 - Tokens in the header and cookie are rarely different

Issue - State: open - Opened by topas 9 days ago - 2 comments

#81 - Tokens in the header and cookie are rarely different

Issue - State: open - Opened by topas 9 days ago - 2 comments

#80 - ForbiddenError: invalid csrf token

Issue - State: closed - Opened by estebanovic about 2 months ago - 2 comments

#79 - Delimiter and http only support

Pull Request - State: closed - Opened by psibean 3 months ago

#78 - CSRF between two backends

Issue - State: closed - Opened by Nickk4 3 months ago - 4 comments

#77 - generatToken returning csrfToken instead of cookieContent

Issue - State: closed - Opened by MaxVSCJP 3 months ago - 2 comments

#76 - Invalid CSRF token when accessing on IP address

Issue - State: closed - Opened by chr15m 5 months ago - 3 comments

#75 - Is the endpoint `/csrf-token` shown in the examples actually needed for protection?

Issue - State: closed - Opened by strazto 5 months ago - 2 comments

#74 - Issue with latest build

Issue - State: closed - Opened by khaleddrashadd 5 months ago - 2 comments

#73 - Chore/update with v3 changes

Pull Request - State: closed - Opened by psibean 5 months ago

#72 - feat: support optional stateless association of token with session

Pull Request - State: closed - Opened by psibean 6 months ago - 1 comment

#72 - feat: support optional stateless association of token with session

Pull Request - State: closed - Opened by psibean 6 months ago - 1 comment

#71 - csrf token cannot be overwriten on brave browser whlie redirecting via external link

Issue - State: open - Opened by Sertturk16 6 months ago - 2 comments

#71 - csrf token cannot be overwriten on brave browser whlie redirecting via external link

Issue - State: closed - Opened by Sertturk16 6 months ago - 3 comments

#70 - Upstream v3.0.6 to main

Pull Request - State: closed - Opened by psibean 7 months ago

#70 - Upstream v3.0.6 to main

Pull Request - State: closed - Opened by psibean 7 months ago

#69 - Build/support versioned branches

Pull Request - State: closed - Opened by psibean 7 months ago - 1 comment

#69 - Build/support versioned branches

Pull Request - State: closed - Opened by psibean 7 months ago - 1 comment

#68 - Log options - provide an event emitter API

Issue - State: open - Opened by timtong1982 7 months ago - 4 comments
Labels: enhancement, feature

#68 - Log options - provide an event emitter API

Issue - State: open - Opened by timtong1982 7 months ago - 4 comments
Labels: enhancement, feature

#67 - Support Express-like frameworks

Issue - State: open - Opened by Lordfirespeed 7 months ago - 4 comments
Labels: enhancement

#66 - 3.0.6 version in npm?

Issue - State: closed - Opened by seancolyer 8 months ago - 3 comments

#65 - Cookie invalid prefix

Issue - State: closed - Opened by juan-cyb 8 months ago - 4 comments

#64 - Types broken with tsc build

Issue - State: closed - Opened by psibean 9 months ago - 6 comments

#63 - Testing revamp

Issue - State: open - Opened by psibean 10 months ago
Labels: enhancement

#62 - Documentation revamp

Issue - State: open - Opened by psibean 10 months ago
Labels: documentation

#61 - Feat/hmac token signing

Pull Request - State: open - Opened by psibean 11 months ago - 4 comments

#60 - Feat/per token cookie settings

Pull Request - State: closed - Opened by psibean 11 months ago

#59 - Refactor/parameter cleanup

Pull Request - State: closed - Opened by psibean 11 months ago - 1 comment

#58 - feat: allow customizable error

Pull Request - State: closed - Opened by psibean 11 months ago - 1 comment

#57 - Why forcing httpOnly cookie flag?

Issue - State: closed - Opened by pbryant-xag 11 months ago - 12 comments
Labels: enhancement, breaking

#56 - If the csrf cookie is changed manually after it is set, the application crashes even with get request and the error does not go to the handler

Issue - State: closed - Opened by Sertturk16 11 months ago - 6 comments

#55 - How to change the error message returned?

Issue - State: closed - Opened by chr15m 12 months ago - 3 comments
Labels: documentation, enhancement, good first issue

#54 - Unable to get Node Express & React app working with csrf-csrf

Issue - State: closed - Opened by kashaf-s about 1 year ago - 12 comments

#53 - Token hash problem

Issue - State: closed - Opened by hoshixlily about 1 year ago - 4 comments

#52 - Token inaccessible from req.headers

Issue - State: closed - Opened by Jawad-Ali2 about 1 year ago - 5 comments

#51 - The TypeScript compiler is unable to recognize the extended Request interface, specifically the csrfToken method.

Issue - State: closed - Opened by bkvishe about 1 year ago - 7 comments
Labels: enhancement, good first issue

#50 - Why is setting a CSRF cookie or header not recommended?

Issue - State: closed - Opened by chr15m about 1 year ago - 1 comment

#49 - Fix: Changes in DoubleCsrfConfig interface related to optional keys

Pull Request - State: closed - Opened by bkvishe about 1 year ago - 2 comments

#48 - Update README.md

Pull Request - State: closed - Opened by kurtfurbush about 1 year ago

#47 - refactor: move types into types.ts

Pull Request - State: closed - Opened by psibean about 1 year ago - 1 comment

#46 - Unable to control cookie expiry (or cookie refresh) on a per generation basis

Issue - State: open - Opened by 1Map about 1 year ago - 5 comments
Labels: bug, breaking

#45 - chore: dependency bump

Pull Request - State: closed - Opened by psibean about 1 year ago

#44 - chore: bump dependencies

Pull Request - State: closed - Opened by psibean about 1 year ago

#43 - Improve CommonJS support

Pull Request - State: closed - Opened by etal2 about 1 year ago - 1 comment

#42 - feat: allow to override cookie's httpOnly flag

Pull Request - State: closed - Opened by felixmosh about 1 year ago - 1 comment

#41 - allow to override `httpOnly` field of the cookie

Issue - State: closed - Opened by felixmosh about 1 year ago - 25 comments

#40 - docs: add docstrings to public methods

Pull Request - State: closed - Opened by davidgonmar about 1 year ago - 1 comment

#39 - this is not an issue but i couldn't find it what we have to do for sending in frontend type hidden after we generate the token

Issue - State: closed - Opened by aveein about 1 year ago - 8 comments

#38 - Update README.md

Pull Request - State: closed - Opened by Joniii11 over 1 year ago - 1 comment

#37 - Feat/allow multiple secrets

Pull Request - State: closed - Opened by psibean over 1 year ago - 1 comment

#36 - Invalid CSRF error after making ajax get call

Issue - State: closed - Opened by doaortu over 1 year ago - 6 comments

#35 - ForbiddenError: invalid csrf token

Issue - State: closed - Opened by chamathjayasekara99 over 1 year ago - 1 comment

#34 - Secret rotation does not work without overwrite

Issue - State: closed - Opened by gtudan over 1 year ago - 14 comments

#33 - add types to package.json `exports` block

Pull Request - State: closed - Opened by Lordfirespeed over 1 year ago

#32 - Package cannot be imported in TypeScript with `moduleResolution`: `NodeNext`

Issue - State: closed - Opened by Lordfirespeed over 1 year ago