EnableXSRF

2025-07-12 09:51:01 +00:00 · 2013-08-06 23:21:52 +08:00
parent 2fa534ff26
commit f9a31ea00a
4 changed files with 27 additions and 3 deletions
--- a/controller.go
+++ b/controller.go
@ -352,7 +352,7 @@ func (c *Controller) XsrfToken() string {
 			h := hmac.New(sha1.New, []byte(XSRFKEY))
 			fmt.Fprintf(h, "%s:%d", c.Ctx.Request.RemoteAddr, time.Now().UnixNano())
 			tok := fmt.Sprintf("%s:%d", h.Sum(nil), time.Now().UnixNano())
-			token := base64.URLEncoding.EncodeToString([]byte(tok))
+			token = base64.URLEncoding.EncodeToString([]byte(tok))
 			c.Ctx.SetCookie("_xsrf", token)
 		}
 		c._xsrf_token = token
@ -362,7 +362,6 @@ func (c *Controller) XsrfToken() string {

 func (c *Controller) CheckXsrfCookie() bool {
 	token := c.GetString("_xsrf")
-
 	if token == "" {
 		token = c.Ctx.Request.Header.Get("X-Xsrftoken")
 	}