lbsadmin/Beego
1
0
Fork 0
mirror of https://github.com/astaxie/beego.git synced 2024-11-22 06:00:55 +00:00
Code Issues Releases Activity

Merge pull request #3867 from ywk253100/191119_xsrf

Browse Source 
Abort with the pre-defined status code when handling XSRF error
This commit is contained in:
astaxie 2019-11-29 18:43:02 +08:00 committed by GitHub
commit aa90c67a75
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
context/context.go
View File

@ -169,11 +169,11 @@ func (ctx *Context) CheckXSRFCookie() bool {
token = ctx.Request.Header.Get("X-Csrftoken")
}
if token == "" {
ctx.Abort(403, "'_xsrf' argument missing from POST")
ctx.Abort(422, "422")
return false
}
if ctx._xsrfToken != token {
ctx.Abort(403, "XSRF cookie does not match POST argument")
ctx.Abort(417, "417")
return false
}
return true