justinas/nosurf issues and pull requests

#69 - CSRF failed with bad request

Issue - State: closed - Opened by hoang408 over 1 year ago - 1 comment

#68 - Added Install command of nosurf in README.md

Pull Request - State: open - Opened by bishal7679 over 1 year ago

#67 - Installing command of `nosurf` is missing in README.md

Issue - State: open - Opened by bishal7679 over 1 year ago

#66 - Ability to handle multiple cookies in context

Issue - State: open - Opened by stefanoschrs over 1 year ago - 5 comments

#65 - Inappropriate key in call to `context.WithValue`

Issue - State: open - Opened by raheel0x01 almost 2 years ago

#64 - How does nosurf OTP protect against BREACH?

Issue - State: closed - Opened by Xeoncross over 3 years ago - 5 comments

#63 - ignore me

Pull Request - State: closed - Opened by aeneasr over 3 years ago

#62 - Add failing test case for double cookie setting

Pull Request - State: open - Opened by aeneasr over 3 years ago - 3 comments

#61 - RegenerateToken generates two CSRF cookies when no previous CSRF cookie was set

Issue - State: open - Opened by aeneasr over 3 years ago

#60 - Resolve critical vulnerability allowing arbitrary tokens to pass as matching

Pull Request - State: closed - Opened by aeneasr almost 4 years ago - 7 comments

#59 - Is this normal behavior?

Issue - State: closed - Opened by NCSantos over 4 years ago - 5 comments

#58 - Update handler.go

Pull Request - State: closed - Opened by okdas over 4 years ago

#57 - Combining Session and CSRF cookie

Issue - State: closed - Opened by Xeoncross over 4 years ago - 3 comments

#56 - Logging

Issue - State: open - Opened by tegk almost 5 years ago - 1 comment

#55 - Prevent form resubmit

Issue - State: closed - Opened by hazcod about 5 years ago - 1 comment

#54 - Add gin-gonic example

Pull Request - State: open - Opened by hazcod about 5 years ago - 3 comments

#53 - Doubts about many cookies and many Path for a single domain.

Issue - State: open - Opened by frederikhors over 5 years ago - 13 comments

#52 - Wiki page for newbies doubts and problems

Issue - State: open - Opened by frederikhors over 5 years ago

#51 - SetBaseCookie not having effect

Issue - State: closed - Opened by hazcod over 5 years ago - 8 comments

#50 - ReadME Fix: Replace `Token(r)` with `nosurf.Token(r)`

Pull Request - State: closed - Opened by lon-io almost 6 years ago - 1 comment

#49 - Return empty string if token does not exist in request context

Pull Request - State: closed - Opened by alexedwards almost 6 years ago - 2 comments

#48 - Possible flaw

Issue - State: closed - Opened by arjndr about 6 years ago - 2 comments

#47 - Allow setting the name of the CSRF cookie

Pull Request - State: closed - Opened by machiel over 6 years ago - 2 comments

#46 - Remove Referer check

Issue - State: open - Opened by Lekensteyn over 6 years ago - 1 comment

#45 - Allow setting the name of the CSRF cookie

Pull Request - State: closed - Opened by machiel almost 7 years ago - 4 comments

#44 - example is insecure

Issue - State: closed - Opened by jolan almost 7 years ago - 4 comments

#43 - please consider updating tags or deleting the current tag

Issue - State: closed - Opened by jolan almost 7 years ago - 3 comments

#42 - Send a response body in defaultFailureHandler

Pull Request - State: closed - Opened by alexedwards almost 7 years ago - 1 comment

#41 - Send a response body in defaultFailureHandler

Issue - State: closed - Opened by alexedwards almost 7 years ago - 2 comments

#40 - Append whole slice instead of append every single element

Pull Request - State: closed - Opened by n10v almost 7 years ago - 1 comment

#39 - Token value error

Issue - State: closed - Opened by hellower over 7 years ago - 6 comments

#38 - Simplify code, follow some linter suggestions

Pull Request - State: closed - Opened by matiasinsaurralde over 7 years ago - 1 comment

#37 - Filtering out safe methods and excluded paths

Issue - State: closed - Opened by inmylo over 7 years ago - 2 comments

#36 - Remove reference to now-deleted examples directory

Pull Request - State: closed - Opened by benmanns over 7 years ago - 1 comment

#35 - Seems to be broken with Go 1.7

Issue - State: closed - Opened by jack-chung almost 8 years ago - 13 comments

#34 - Remove examples folder

Issue - State: closed - Opened by alexedwards about 8 years ago - 2 comments

#33 - Why is the token base64 encoded?

Issue - State: closed - Opened by ghost over 8 years ago - 3 comments

#32 - Use http.Error to also set text/plain content type

Pull Request - State: closed - Opened by wader over 8 years ago - 2 comments

#31 - Broken response with nosurf and gzip middleware

Issue - State: closed - Opened by wader over 8 years ago - 2 comments

#30 - How to use with gin?

Issue - State: closed - Opened by dre1080 almost 9 years ago - 6 comments

#29 - Expose VerifyToken.

Pull Request - State: closed - Opened by orian almost 9 years ago - 2 comments

#28 - Use golang.org/x/net/context instead of gorilla based context

Issue - State: closed - Opened by alitn about 9 years ago - 3 comments

#27 - nosurf breaks MultipartReader()

Issue - State: closed - Opened by bryanjeal about 9 years ago - 12 comments

#26 - Failure with enctype="multipart/form-data"

Issue - State: closed - Opened by bryanjeal about 9 years ago - 2 comments

#25 - Make reads of random bytes panic on error.

Pull Request - State: closed - Opened by dchest over 9 years ago - 2 comments

#24 - Blacklist handlers rather than wrapping all and whitelist some

Issue - State: open - Opened by peterbe over 9 years ago - 3 comments

#23 - ExemptRegexps doesn't work

Issue - State: closed - Opened by chespinoza over 9 years ago - 3 comments

#22 - "csrf_token" cookie being generated on exempted routes

Issue - State: closed - Opened by ghost over 9 years ago - 3 comments

#21 - OTP not implemented correctly.

Issue - State: closed - Opened by james-lawrence over 9 years ago - 3 comments

#20 - rename testutils.go to testutils_test.go

Pull Request - State: closed - Opened by dominikh over 9 years ago - 1 comment

#19 - Best approach if is required use multiple html forms in a template

Issue - State: open - Opened by chespinoza over 9 years ago - 3 comments

#18 - Allow context to use something other than an in-memory map

Issue - State: closed - Opened by jkodumal over 9 years ago - 1 comment

#17 - Httprouter compatibility?

Issue - State: closed - Opened by chespinoza over 9 years ago - 2 comments

#16 - Cookie tokens not masked?

Issue - State: closed - Opened by paulbellamy almost 10 years ago - 5 comments

#15 - Added *CSRFHandler.ExemptFunc, for matching on more complex rules

Pull Request - State: closed - Opened by paulbellamy almost 10 years ago - 3 comments

#14 - Fleshed out Goji example to show how to apply a custom nosurf instance.

Pull Request - State: closed - Opened by elithrar almost 10 years ago - 4 comments

#13 - Changed default expiry to 1 day (from 365 days).

Pull Request - State: closed - Opened by elithrar almost 10 years ago - 2 comments

#12 - Changed references to encrypt/decrypt to mask/unmask.

Pull Request - State: closed - Opened by elithrar almost 10 years ago - 1 comment

#11 - Signing Cookies

Issue - State: closed - Opened by elithrar almost 10 years ago - 8 comments

#10 - Added Goji (https://goji.io) + nosurf example.

Pull Request - State: closed - Opened by elithrar almost 10 years ago - 1 comment

#9 - Fixed possible typo.

Pull Request - State: closed - Opened by bfitzsimmons almost 10 years ago - 1 comment

#8 - Adds call to ctxClear to avoid memory leak.

Pull Request - State: closed - Opened by ghost almost 10 years ago - 2 comments

GitHub / justinas/nosurf issues and pull requests