We should allow users to define their own csrf-recovery handlers, so I made tryCsrf and then implemented csrf in terms of that.
By default all of the same error-handling occurs, but I took the opportunity to make a type out of the errors so that users could figure out what they wanted to do.
This came up as we were migrating some stuff at work from Nancy to Giraffe/Saturn, and we realized we had different responses to CSRF token errors in different places.
We should allow users to define their own csrf-recovery handlers, so I made
tryCsrf
and then implementedcsrf
in terms of that.By default all of the same error-handling occurs, but I took the opportunity to make a type out of the errors so that users could figure out what they wanted to do.