fastify/csrf-protection

Issues

• csrfProtection() should ignore GET/HEAD/OPTIONS

  #166 opened 3 months ago by johaven
  1

• Missing `userInfo` type in options for `generateCsrf`

  #150 opened a year ago by likerRr
  1

• Bug with sessionPlugin in NestJS with Fastify

  #135 opened 2 years ago by DevDJpl
  7

• Bug in type definition

  #147 opened a year ago by hobi9
  1

• Property 'sessionPlugin' is missing in type '{ cookieOpts: { signed: true; }; }' but required in type 'FastifyCsrfProtectionOptionsFastifySecureSession'

  #133 opened 2 years ago by alabbas-ali
  5

• CSRF route protection example given in README not working

  #131 opened 2 years ago by ganjarsetia
  1

• `req.body` is undefined

  #130 opened 2 years ago by williamputraintan
  2

• Method `generateCsrf` return type should be a `string` instead of `FastifyReply`

  #124 opened 2 years ago by Arnesfield
  1

• Disable CSRF Token Reuse

  #123 opened 2 years ago by raviroshanmehta
  3

• Invalid csrf token from cookie value

  #118 opened 2 years ago by Poiuytrezay1
  6

• Remarks regarding v6.0.0 release notes

  #116 opened 2 years ago by Uzlopak
  2

• I got the error "Invalid token" when submitting a POST request to route registered from a file.

  #107 opened 2 years ago by meotimdihia
  1

• Use tokens.secretSync instead of .secret

  #99 opened 2 years ago by Uzlopak
  0

• Module did not self-register

  #45 opened 4 years ago by alexandrmiee
  0

• TypeError: Cannot read property 'constructor' of undefined

  #41 opened 4 years ago by razr001
  2

• Move to the Fastify org

  #20 opened 4 years ago by delvedor
  8

• Fasify 3 warning

  #18 opened 4 years ago by bardak-dev
  1

• Typescript definitions not working

  #15 opened 5 years ago by mksony
  8

• firefox mobile invalid csrf

  #16 opened 5 years ago by petersowa
  2

• Signed cookies are not supported

  #13 opened 5 years ago by jurca
  5

• TypeScript definitions file is not published to the npm registry

  #12 opened 5 years ago by jurca
  1

• Cookie example given in the docs not working

  #9 opened 5 years ago by jibin2706
  2

• how does a cookie protect against CSRF?

  #10 opened 5 years ago by wmertens
  2

• httpOnly

  #8 opened 6 years ago by berrg
  1

• Errors are not handled in the preHandler hook, if you don't throw it

  #7 opened 6 years ago by manuel-di-iorio
  1

• Do not mix callback and async/await

  #6 opened 6 years ago by mcollina
  1

• missing travis/continuous integration

  #4 opened 6 years ago by mcollina
  3

• rely on fastify-cookie instead of using Cookie directly

  #1 opened 6 years ago by mcollina
  1

• Do not use secretSync(), use secret()

  #2 opened 6 years ago by mcollina
  1

• missing license file

  #3 opened 6 years ago by mcollina
  1