it can't work in multipart/form-data form

koajs / csrf

CSRF tokens for koa

MIT License

264 stars 32 forks source link

it can't work in multipart/form-data form #15

Closed Megic closed 6 years ago

Megic commented 9 years ago

it can't work in multipart/form-data form

dead-horse commented 9 years ago

code?

Megic commented 9 years ago

  var token = (body && body._csrf)
    || (this.query && this.query._csrf)
    || (this.get('x-csrf-token'))
    || (this.get('x-xsrf-token'))
    || body

add || (body&&body.fields._csrf) to

var token = (body && body._csrf) || (body&&body.fields._csrf)//multipart/form-data form || (this.query && this.query._csrf) || (this.get('x-csrf-token')) || (this.get('x-xsrf-token')) || body

dead-horse commented 9 years ago

can you get the token from request body use your code?

zenxds commented 7 years ago

@Megic you can add _csrf param in post url, not in post body

stephenmathieson commented 6 years ago

Closing due to inactivity.