search

eggjs / egg-security

Security plugin for egg, force performance too.
MIT License
238 stars 43 forks source link

feat: config.security.csrf.cookieDomain can be function #17

Closed fengmk2 closed 7 years ago

fengmk2 commented 7 years ago

closes https://github.com/eggjs/egg/issues/868

fengmk2 commented 7 years ago

内部 ctoken 必须设置 domain

codecov[bot] commented 7 years ago

Codecov Report

Merging #17 into master will increase coverage by 0.03%. The diff coverage is 100%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master      #17      +/-   ##
==========================================
+ Coverage   95.62%   95.65%   +0.03%     
==========================================
  Files          25       25              
  Lines         411      414       +3     
==========================================
+ Hits          393      396       +3     
  Misses         18       18
Impacted Files Coverage Δ
config/config.default.js 100% <ø> (ø) :arrow_up:
app/extend/context.js 100% <ø> (ø) :arrow_up:
app.js 100% <100%> (ø) :arrow_up:

Continue to review full report at Codecov.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update 50608bf...934452b. Read the comment docs.

dead-horse commented 7 years ago

1.10.0

fengmk2 commented 7 years ago

app.config.security.csrf 可能为 false 吧

@dead-horse 不管?

dead-horse commented 7 years ago

false 的时候处理这个逻辑好像也没问题,只要不是 undefined