mirror of
https://github.com/astaxie/beego.git
synced 2024-12-22 23:20:48 +00:00
Merge pull request #3867 from ywk253100/191119_xsrf
Abort with the pre-defined status code when handling XSRF error
This commit is contained in:
commit
aa90c67a75
@ -169,11 +169,11 @@ func (ctx *Context) CheckXSRFCookie() bool {
|
||||
token = ctx.Request.Header.Get("X-Csrftoken")
|
||||
}
|
||||
if token == "" {
|
||||
ctx.Abort(403, "'_xsrf' argument missing from POST")
|
||||
ctx.Abort(422, "422")
|
||||
return false
|
||||
}
|
||||
if ctx._xsrfToken != token {
|
||||
ctx.Abort(403, "XSRF cookie does not match POST argument")
|
||||
ctx.Abort(417, "417")
|
||||
return false
|
||||
}
|
||||
return true
|
||||
|
Loading…
Reference in New Issue
Block a user