server/beego
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
beego/server/web
History
zh199225 ee7e5ab6a8
修正:XSRFToken函数在特定情况下会产生多个不同Path的_xsrf同名cookie 
例如:访问”/login“页面,有个表单,此时会产生一个_xsrf cookie,Path为”/“,此时手动删除_xsrf cookie,Post提交到“/test/post”,会报错expected XSRF not found;后退到”/login“页面,会产生一个Path为”/login“的_xsrf cookie,然后访问"/"根页面,再回到"/login"页面,这时会产生两个_xsrf cookie,Path分别为"/"和”/login",再向"/test/post"页面提交,后端就可能读到错误的_xsrf cookie造成XSRF验证失败。
在XSRFToken函数中,将SetSecureCookie函数中的Path参数固定为"/",可以解决这个问题
2021-08-19 13:08:29 +08:00
..
captcha
Fix lint and format code in server dir
2021-06-07 19:03:40 +08:00
context
修正:XSRFToken函数在特定情况下会产生多个不同Path的_xsrf同名cookie
2021-08-19 13:08:29 +08:00
filter
Fix lint and format code in server dir
2021-06-07 19:03:40 +08:00
grace
Fix lint and format code in server dir
2021-06-07 19:03:40 +08:00
mock
Fix lint and format code in server dir
2021-06-07 19:03:40 +08:00
pagination
rename to v2
2020-12-14 11:12:00 +08:00
session
Fix: avoid shadow of builtin
2021-06-17 03:36:48 +08:00
swagger
format code
2020-12-14 12:34:55 +08:00
admin_controller.go
Fix lint and format code in server dir
2021-06-07 19:03:40 +08:00
admin_test.go
Fix lint and format code in server dir
2021-06-07 19:03:40 +08:00
admin.go
Fix lint and format code in server dir
2021-06-07 19:03:40 +08:00
adminui.go
rename key world 'governor' to 'admin'
2020-12-13 19:11:07 +08:00
beego.go
Fix lint and format code in server dir
2021-06-07 19:03:40 +08:00
config_test.go
Add comments for BConfig
2021-08-02 00:01:48 +08:00
config.go
Add change log
2021-08-04 22:59:04 +08:00
controller_test.go
Refator:
2021-08-10 23:27:06 +08:00
controller.go
Refator:
2021-08-10 23:27:06 +08:00
doc.go
rename to v2
2020-12-14 11:12:00 +08:00
error_test.go
remove pkg directory;
2020-10-08 18:29:36 +08:00
error.go
Fix imports by gci
2021-05-19 22:28:05 +08:00
filter_chain_test.go
Fix lint and format code in server dir
2021-06-07 19:03:40 +08:00
filter_test.go
rename to v2
2020-12-14 11:12:00 +08:00
filter.go
Add change log
2021-08-04 22:59:04 +08:00
flash_test.go
Make compatible
2021-01-03 22:00:47 +08:00
flash.go
format code
2020-12-14 12:34:55 +08:00
fs.go
Fix lint and format code in server dir
2021-06-07 19:03:40 +08:00
hooks.go
Fix imports by gci
2021-05-19 22:28:05 +08:00
LICENSE
using new organization
2020-12-13 23:09:19 +08:00
mime.go
remove pkg directory;
2020-10-08 18:29:36 +08:00
namespace_test.go
Rename RouterXXX to CtrlXXX
2021-08-04 21:47:47 +08:00
namespace.go
Rename RouterXXX to CtrlXXX
2021-08-04 21:47:47 +08:00
policy.go
Fix lint and format code in server dir
2021-06-07 19:03:40 +08:00
router_test.go
Rename RouterXXX to CtrlXXX
2021-08-04 21:47:47 +08:00
router.go
Rename RouterXXX to CtrlXXX
2021-08-04 21:47:47 +08:00
server_test.go
Rename RouterXXX to CtrlXXX
2021-08-04 21:47:47 +08:00
server.go
Add change log
2021-08-04 22:59:04 +08:00
staticfile_test.go
Fix lint and format code in server dir
2021-06-07 19:03:40 +08:00
staticfile.go
Fix lint and format code in server dir
2021-06-07 19:03:40 +08:00
statistics_test.go
remove pkg directory;
2020-10-08 18:29:36 +08:00
statistics.go
Fix lint and format code in server dir
2021-06-07 19:03:40 +08:00
template_test.go
Fix lint and format code in server dir
2021-06-07 19:03:40 +08:00
template.go
Fix lint and format code in server dir
2021-06-07 19:03:40 +08:00
templatefunc_test.go
Merge remote-tracking branch 'origin/develop' into develop
2021-06-16 23:21:45 +08:00
templatefunc.go
Refator:
2021-08-10 23:27:06 +08:00
tree_test.go
Fix: refine tests
2021-06-18 00:51:00 +08:00
tree.go
Fix lint and format code in server dir
2021-06-07 19:03:40 +08:00
unregroute_test.go
Fix lint and format code in server dir
2021-06-07 19:03:40 +08:00