lbsadmin/Beego
1
0
Fork 0
mirror of https://github.com/astaxie/beego.git synced 2025-07-12 00:01:02 +00:00
Code Issues Releases Activity

beego: XSRF support Controller level fix #610

Browse Source 
default value is true when you Enable Global XSRF, also can control in
the prepare function to change the value.
This commit is contained in:
astaxie
2014-05-17 00:12:25 +08:00
parent e657dcfd5f
commit c5c806b58e
3 changed files with 14 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
controller.go
View File

@ -47,6 +47,7 @@ type Controller struct {
XSRFExpire int
AppController interface{}
EnableRender bool
EnableXSRF bool
}
// ControllerInterface is an interface to uniform all controller handler.
@ -76,6 +77,7 @@ func (c *Controller) Init(ctx *context.Context, controllerName, actionName strin
c.TplExt = "tpl"
c.AppController = app
c.EnableRender = true
c.EnableXSRF = true
c.Data = ctx.Input.Data
}
@ -441,6 +443,9 @@ func (c *Controller) XsrfToken() string {
// the token can provided in request header "X-Xsrftoken" and "X-CsrfToken"
// or in form field value named as "_xsrf".
func (c *Controller) CheckXsrfCookie() bool {
if !c.EnableXSRF {
return true
}
token := c.GetString("_xsrf")
if token == "" {
token = c.Ctx.Request.Header.Get("X-Xsrftoken")