psibean
commented
7 months ago Looks good to me. One thing I'd add is that, since you are changing the interface, to allow adding a factory function instead of the CsrfErrorConfig (one or the other). Something like:
Could be useful, it's also a non-breaking (backwards compatible) change so will consider it separately from this one. 👍🏻 It's typically what the error handler middleware should be setup to do in any case.
Exposes the statusCode, message, and code parameters for the error initialization
This will fix issue #55