jonathan/hostr
jonathan/hostr
1
0
Fork 0
Code Issues Pull requests 4 Projects Releases Packages 1 Wiki Activity Actions

Fix emails and csrf

Browse source
This commit is contained in:
Jonathan Cremin 2018-08-11 12:08:16 +01:00
parent c6e420893a
commit 207c12973e
7 changed files with 80 additions and 138 deletions
Download patch file Download diff file Expand all files Collapse all files

9
web/app.js
View file

@ -35,7 +35,14 @@ router.use(async (ctx, next) => {
await next();
});
router.use(new CSRF());
router.use(new CSRF({
invalidSessionSecretMessage: 'Invalid session secret',
invalidSessionSecretStatusCode: 403,
invalidTokenMessage: 'Invalid CSRF token',
invalidTokenStatusCode: 403,
excludedMethods: ['GET', 'HEAD', 'OPTIONS'],
disableQuery: false,
}));
router.use(views(path.join(__dirname, 'views'), {
extension: 'ejs',