1
0
mirror of https://github.com/astaxie/beego.git synced 2024-11-25 20:10:56 +00:00

Abort with the pre-defined status code when handling XSRF error

As the status codes(422 and 417) are set in the error map, abort with them directly to active the pre-defined error handlers

Signed-off-by: Wenkai Yin <yinw@vmware.com>
This commit is contained in:
Wenkai Yin 2019-11-19 18:55:54 +08:00
parent 1923b8c767
commit 793047097c

View File

@ -169,11 +169,11 @@ func (ctx *Context) CheckXSRFCookie() bool {
token = ctx.Request.Header.Get("X-Csrftoken") token = ctx.Request.Header.Get("X-Csrftoken")
} }
if token == "" { if token == "" {
ctx.Abort(403, "'_xsrf' argument missing from POST") ctx.Abort(422, "422")
return false return false
} }
if ctx._xsrfToken != token { if ctx._xsrfToken != token {
ctx.Abort(403, "XSRF cookie does not match POST argument") ctx.Abort(417, "417")
return false return false
} }
return true return true