issues
search
juanbzpy
/
next-csrf
CSRF mitigation for Next.js
https://npm.im/next-csrf
MIT License
140
stars
22
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Missing HttpOnly Cookies with setup() Wrapper Usage
#71
xereda
opened
6 months ago
0
Next.js v13
#69
MaximKing1
opened
1 year ago
1
Do not lower case CSRF Secret key
#68
tochoromero
opened
1 year ago
0
Failed to read secret cookie in setup function
#67
tochoromero
opened
1 year ago
0
Bump minimist from 1.2.5 to 1.2.8
#66
dependabot[bot]
opened
1 year ago
0
Bump minimist from 1.2.5 to 1.2.8 in /example
#65
dependabot[bot]
opened
1 year ago
0
Bump http-cache-semantics from 4.1.0 to 4.1.1
#64
dependabot[bot]
opened
1 year ago
0
Bump cookiejar from 2.1.2 to 2.1.4
#63
dependabot[bot]
opened
1 year ago
0
Bump json5 from 1.0.1 to 1.0.2
#62
dependabot[bot]
opened
1 year ago
0
Bump json5 from 1.0.1 to 1.0.2 in /example
#61
dependabot[bot]
opened
1 year ago
0
Bump json5 and next in /example
#60
dependabot[bot]
opened
1 year ago
0
Bump json5, tsconfig-paths and next
#59
dependabot[bot]
opened
1 year ago
0
Keep original args of handler so we have access to the context
#58
rduque1
opened
1 year ago
4
Bump qs from 6.5.2 to 6.5.3
#57
dependabot[bot]
opened
1 year ago
0
Bump decode-uri-component from 0.2.0 to 0.2.2
#56
dependabot[bot]
opened
1 year ago
0
Bump decode-uri-component from 0.2.0 to 0.2.2 in /example
#55
dependabot[bot]
opened
1 year ago
0
Bump loader-utils and next
#54
dependabot[bot]
opened
1 year ago
0
Bump minimatch from 3.0.4 to 3.1.2 in /example
#53
dependabot[bot]
opened
1 year ago
0
Bump loader-utils and next in /example
#52
dependabot[bot]
opened
1 year ago
0
Issues on live server
#51
vampiregrodon
opened
1 year ago
0
handle getServerSideProps with return GetServerSideProps type
#50
candraaji
closed
1 year ago
2
The implementation probably defeats the purpose of CSRF protection
#49
sha256
opened
2 years ago
3
Pass context back to GetServerProps handler
#48
al-bimani
opened
2 years ago
4
Bump jsdom from 16.4.0 to 16.7.0
#47
dependabot[bot]
opened
2 years ago
0
Bump next from 9.5.5 to 12.1.0
#44
dependabot[bot]
closed
1 year ago
1
Bump next from 9.5.3 to 12.1.0 in /example
#43
dependabot[bot]
closed
1 year ago
1
Bump ssri from 6.0.1 to 6.0.2 in /example
#42
dependabot[bot]
opened
2 years ago
0
Bump ansi-regex from 5.0.0 to 5.0.1 in /example
#41
dependabot[bot]
opened
2 years ago
0
Prep for release
#40
juanbzpy
closed
2 years ago
0
Bump minimist from 1.2.5 to 1.2.6
#39
dependabot[bot]
closed
1 year ago
1
Internal server error
#38
Darren120
closed
2 years ago
2
Bump next from 9.5.5 to 11.1.3
#37
dependabot[bot]
closed
2 years ago
1
how to use in API endpoint
#36
nizarfadlan
closed
2 years ago
15
"Signed cookie string must be provided." with multiple cookies
#35
vla-dev
closed
2 years ago
2
Avoid calling 'unsign' in case if the token from cookie is 'undefined…
#34
vla-dev
closed
2 years ago
1
Do I use correctly next-csrf ??
#33
nataliagoskapracuj
closed
2 years ago
5
Parse method always returns an object
#32
CarlinCanales
closed
2 years ago
1
Bug fix extracting tokenFromHeaders
#31
yuriharrison
closed
2 years ago
0
Broken middleware
#30
yuriharrison
closed
2 years ago
3
Highlight the preferred way to use `next-csrf`, with the API route's alternative
#29
juanbzpy
closed
2 years ago
0
Explain in the documentation when you need CSRF mitigation. Not every project needs it
#28
juanbzpy
opened
2 years ago
0
Explain in the documentation why exposing an API route to set up the CSRF token is a bad idea
#27
juanbzpy
opened
2 years ago
0
How to protect api routes on first request?
#26
gabrielkuettel
closed
2 years ago
1
Env variable cant load on browser
#25
vedrane
opened
3 years ago
3
Bump next from 9.5.5 to 11.1.0
#24
dependabot[bot]
closed
2 years ago
1
"TypeError: Secret string must be provided."
#23
Brawl345
closed
2 years ago
21
Header ‘xsrf-token’ is not allowed
#22
emmarvpol
closed
3 years ago
1
emit typings in build
#21
thegoleffect
closed
3 years ago
1
Bump color-string from 1.5.3 to 1.5.5
#20
dependabot[bot]
closed
3 years ago
1
fix 'inherits' of undefined
#19
juanbzpy
closed
3 years ago
0
Next