mirror of
https://github.com/astaxie/beego.git
synced 2024-11-25 20:10:56 +00:00
Abort with the pre-defined status code when handling XSRF error
As the status codes(422 and 417) are set in the error map, abort with them directly to active the pre-defined error handlers Signed-off-by: Wenkai Yin <yinw@vmware.com>
This commit is contained in:
parent
1923b8c767
commit
793047097c
@ -169,11 +169,11 @@ func (ctx *Context) CheckXSRFCookie() bool {
|
|||||||
token = ctx.Request.Header.Get("X-Csrftoken")
|
token = ctx.Request.Header.Get("X-Csrftoken")
|
||||||
}
|
}
|
||||||
if token == "" {
|
if token == "" {
|
||||||
ctx.Abort(403, "'_xsrf' argument missing from POST")
|
ctx.Abort(422, "422")
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
if ctx._xsrfToken != token {
|
if ctx._xsrfToken != token {
|
||||||
ctx.Abort(403, "XSRF cookie does not match POST argument")
|
ctx.Abort(417, "417")
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
return true
|
return true
|
||||||
|
Loading…
Reference in New Issue
Block a user