Skip to content

Commit

Permalink
📝 docs: add doc about usage of CSRF and EncryptCookie middlewares. (#…
Browse files Browse the repository at this point in the history 
…2141)
  • Loading branch information
@efectn
efectn authored Oct 6, 2022
1 parent 6a5fc64 commit 925d5d0
Showing 1 changed file with 16 additions and 0 deletions.
16 changes: 16 additions & 0 deletions middleware/encryptcookie/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -95,3 +95,19 @@ app.Use(encryptcookie.New(encryptcookie.Config{
Key: "secret-thirty-2-character-string",
}))
```

## Usage of CSRF and Encryptcookie Middlewares with Custom Cookie Names
Normally, encryptcookie middleware skips `csrf_` cookies. However, it won't work when you use custom cookie names for CSRF. You should update `Except` config to avoid this problem. For example:

```go
app.Use(encryptcookie.New(encryptcookie.Config{
Key: "secret-thirty-2-character-string",
Except: []string{"csrf_1"}, // exclude CSRF cookie
}))

app.Use(csrf.New(csrf.Config{
KeyLookup: "form:test",
CookieName: "csrf_1",
CookieHTTPOnly: true,
}))
```

1 comment on commit 925d5d0

@ReneWerner87
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Performance Alert ⚠️

Possible performance regression was detected for benchmark.
Benchmark result of this commit is worse than the previous benchmark result exceeding threshold 2.

Benchmark suite Current: 925d5d0 Previous: bdc2e52 Ratio
Benchmark_TrimLeft/fiber 11.38 ns/op 0 B/op 0 allocs/op 3.625 ns/op 0 B/op 0 allocs/op 3.14

This comment was automatically generated by workflow using github-action-benchmark.

Please sign in to comment.