krakenjs / lusca

Application security for express apps.

Allows CSRF whitelist and blacklist #118

Closed linkRace closed 6 years ago

linkRace commented 6 years ago

Enables defining an array or string of routes that either require a CSRF token for only those routes or do not require a CSRF token for only those routes.

e.g.:

csrf: {
  'whitelist': [ '/whitelist', '/also/whitelist' ]
}

If you try to reach either /whitelist or /also/whitelist, you will need a CSRF token, but all other POST routes will not require one.

If you configured that as blacklist, those routes would not require a CSRF token but all others would.
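
The route selection described in the comment above, as an added example that is not part of the original thread and not lusca's own code. It assumes exact path matching, treats setting both lists as a configuration error, and requires a token everywhere when no list is set; `csrfRequired`, `toRouteList` and the `/transfer` route are hypothetical names.

```javascript
// Added illustration of the whitelist/blacklist semantics from the PR text.
// Assumption: a route matches only on exact path equality.

// The option may be a single string or an array of strings.
function toRouteList(value) {
  if (value === undefined) return null;
  return Array.isArray(value) ? value : [value];
}

// Returns true when a request to `path` must carry a CSRF token.
function csrfRequired(csrfOptions, path) {
  const whitelist = toRouteList(csrfOptions.whitelist);
  const blacklist = toRouteList(csrfOptions.blacklist);
  // Assumption: both lists at once is ambiguous, so reject the config.
  if (whitelist && blacklist) {
    throw new Error('configure either whitelist or blacklist, not both');
  }
  if (whitelist) return whitelist.includes(path);  // token only on listed routes
  if (blacklist) return !blacklist.includes(path); // token on all but listed routes
  return true; // assumption: no list means every route is checked
}

// Constructed sample configs mirroring the PR description.
const whitelistConfig = { whitelist: ['/whitelist', '/also/whitelist'] };
const blacklistConfig = { blacklist: ['/whitelist', '/also/whitelist'] };
const sampleRoutes = ['/whitelist', '/also/whitelist', '/transfer'];

// Map each sample route to its decision under the given config.
function decisions(config) {
  return sampleRoutes.map((p) => [p, csrfRequired(config, p)]);
}

console.log('whitelist mode:', decisions(whitelistConfig));
console.log('blacklist mode:', decisions(blacklistConfig));
```

In whitelist mode a newly added state-changing route such as `/transfer` is unchecked until it is added to the list, while in blacklist mode it is checked by default.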

vonbearshark commented 6 years ago

lgtm 👍