krakenjs / lusca

Application security for express apps.

Other

1.79k stars 139 forks source link

CSRF:how to provide a specific list of urls for check-CSRF to ignore #105

Closed finmily closed 7 years ago

finmily commented 7 years ago

Like that:

  var impl, key, header, secret, cookie, filterUrl;
  filterUrl = options.filterUlr || []; //list of urls
 ...
  //middleware---if the url is specificed ,call next()
  if (filterUrl.indexof(req.originalUrl) !== -1) {
     next();
  }

finmily commented 7 years ago

krakenjs / lusca

CSRF:how to provide a specific list of urls for check-CSRF to ignore #105

58