Closed danielsz closed 10 years ago
The README needs a bit of updating. The anti-forgery options can be customised the same as every other piece of middleware in Ring-Defaults, e.g.
:security {:anti-forgery {:read-token ...}}
I had a look at the source, and my understanding is that customisation maps are just passed along to their relevant middleware, which makes it very flexible. Very cool.
What would be an idiomatic way to merge a customisation with the default config map, say site-defaults
? assoc-in
perhaps?
assoc-in
or merge
or merge-with
or whatever you want, really.
Cool, thanks.
It's nice to have the config map to tweak the defaults. But some middleware have further customisations. For example, suppose I want to provide a function to
wrap-anti-forgery
function. According to the docs:What is the best way to deal with this?
Should I set
:security {:anti-forgery false}
?Is there no risk of middleware getting out of order with this method?