Bug#946016: ITP: golang-github-gorilla-csrf -- provides Cross Site Request Forgery (CSRF) prevention middleware for Go web applications & services
Package: wnpp
Severity: wishlist
Owner: Anthony Fok <foka@debian.org>
* Package name : golang-github-gorilla-csrf
Version : 1.6.2-1
Upstream Author : Gorilla Web Toolkit
* URL : https://github.com/gorilla/csrf
* License : BSD-3-clause
Programming Lang: Go
Description : Cross Site Request Forgery (CSRF) prevention middleware for Go
gorilla/csrf is a HTTP middleware library that provides cross-site request
forgery (CSRF) protection. It includes:
.
* The csrf.Protect middleware/handler provides CSRF protection on routes
attached to a router or a sub-router.
* A csrf.Token function that provides the token to pass into your response,
whether that be a HTML form or a JSON response body.
* ... and a csrf.TemplateField helper that you can pass into your
html/template templates to replace a {{ .csrfField }} template tag
with a hidden input field.
.
gorilla/csrf is designed to work with any Go web framework, including:
.
* The Gorilla toolkit
* Go's built-in net/http package
* Goji - see the tailored fork https://github.com/goji/csrf
* Gin
* Echo
* ... and any other router/framework that rallies around Go's http.Handler
interface.
.
gorilla/csrf is also compatible with middleware 'helper' libraries
like Alice and Negroni.
Rationale: Needed by golang-github-alecthomas-chroma 0.6.8 and up.
Reply to: