Psifi-Solutions/csrf-csrf
A utility package to help implement stateless CSRF protection using the Double Submit Cookie Pattern in express.
TypeScriptNOASSERTION
Issues
- 2
Issue with latest build
#74 opened by khaleddrashadd - 3
3.0.6 version in npm?
#66 opened by seancolyer - 3
csrf token cannot be overwriten on brave browser whlie redirecting via external link
#71 opened by Sertturk16 - 4
Support Express-like frameworks
#67 opened by Lordfirespeed - 7
The TypeScript compiler is unable to recognize the extended Request interface, specifically the csrfToken method.
#51 opened by bkvishe - 6
Types broken with tsc build
#64 opened by psibean - 4
Log options - provide an event emitter API
#68 opened by timtong1982 - 4
Cookie invalid prefix
#65 opened by juan-cyb - 11
Why forcing httpOnly cookie flag?
#57 opened by pbryant-xag - 0
Documentation revamp
#62 opened by psibean - 0
Testing revamp
#63 opened by psibean - 5
- 3
How to change the error message returned?
#55 opened by chr15m - 6
If the csrf cookie is changed manually after it is set, the application crashes even with get request and the error does not go to the handler
#56 opened by Sertturk16 - 12
- 4
Token hash problem
#53 opened by hoshixlily - 1
- 5
Token inaccessible from req.headers
#52 opened by Jawad-Ali2 - 1
ForbiddenError: invalid csrf token
#35 opened by chamathjayasekara99 - 25
- 8
this is not an issue but i couldn't find it what we have to do for sending in frontend type hidden after we generate the token
#39 opened by aveein - 14
Secret rotation does not work without overwrite
#34 opened by gtudan - 6
Invalid CSRF error after making ajax get call
#36 opened by doaortu - 0
Package cannot be imported in TypeScript with `moduleResolution`: `NodeNext`
#32 opened by Lordfirespeed - 13
Signed cookie in generateToken fn
#11 opened by Dzixxx - 1
Allow for a custom error to be thrown without completely remaking the middleware
#15 opened by psibean - 8
Readme need revamp
#20 opened by proyb6 - 4
- 1
Add an async example to the README
#5 opened by psibean - 4
- 7
Incorrect Type-Only Import of HttpError
#13 opened by stateoflux - 8
CommonJS usage
#6 opened by SeanLatimer - 0
Support for secret rotation
#3 opened by psibean