Struct actix_csrf::CsrfMiddleware
source · [−]pub struct CsrfMiddleware<Rng> { /* private fields */ }
Expand description
CSRF middleware to manage CSRF cookies and tokens.
Implementations
sourceimpl<Rng: TokenRng + SeedableRng> CsrfMiddleware<Rng>
impl<Rng: TokenRng + SeedableRng> CsrfMiddleware<Rng>
sourcepub fn new() -> Self
pub fn new() -> Self
Creates a CSRF middleware with secure defaults. Namely:
- The CSRF cookie will be prefixed with
__Host-
. This also implies the following:Secure
is set.Domain
is not set.Path
is set to/
.
SameSite
is set toStrict
.HttpOnly
is set.
This represents the strictest possible configuration. Requests must be always sent over HTTPS. Users must explicitly relax these restrictions.
sourceimpl<Rng: TokenRng> CsrfMiddleware<Rng>
impl<Rng: TokenRng> CsrfMiddleware<Rng>
sourcepub fn with_rng(rng: Rng) -> Self
pub fn with_rng(rng: Rng) -> Self
Creates a CSRF middleware with secure defaults and the provided Rng. Namely:
- The CSRF cookie will be prefixed with
__Host-
. This also implies the following:Secure
is set.Domain
is not set.Path
is set to/
.
SameSite
is set toStrict
.HttpOnly
is set.
This represents the strictest possible configuration. Requests must be always sent over HTTPS. Users must explicitly relax these restrictions.
sourceimpl<Rng> CsrfMiddleware<Rng>
impl<Rng> CsrfMiddleware<Rng>
sourcepub const fn enabled(self, enabled: bool) -> Self
pub const fn enabled(self, enabled: bool) -> Self
Control whether we check for the token on requests.
Set a method and path to set a CSRF cookie. This should be all locations
that whose response should set a cookie (via a Set-Cookie
header) or
those that need the CSRF token value in the response, such as for forms.
Sets the cookie name. Consider using host_prefixed_cookie_name
or
secure_prefixed_cookie_name
to prefix the cookie name with
__Host-
or __Secure-
on your behalf, or prefixing it manually.
Sets the cookie name, with __Host-
automatically prefixed.
Examples
This functionally is equivalent to prefixing the cookie name with
__Host-
:
use actix_csrf::CsrfMiddleware;
use rand::rngs::StdRng;
let host_prefixed = CsrfMiddleware::<StdRng>::new()
.host_prefixed_cookie_name("my_special_cookie");
let manually_prefixed = CsrfMiddleware::<StdRng>::new()
.cookie_name("__Host-my_special_cookie");
assert_eq!(host_prefixed.cookie_config(), manually_prefixed.cookie_config());
Sets the cookie name. Consider using host_prefixed_cookie_name
or
manually prefixing it with __Host-
for increased defense-in-depth
measures. This is equivalent to calling
cookie_name(format!("__Secure-{}", name))
.
Examples
This functionally is equivalent to prefixing the cookie name with
__Secure-
:
use actix_csrf::CsrfMiddleware;
use rand::rngs::StdRng;
let host_prefixed = CsrfMiddleware::<StdRng>::new()
.secure_prefixed_cookie_name("my_special_cookie");
let manually_prefixed = CsrfMiddleware::<StdRng>::new()
.cookie_name("__Secure-my_special_cookie");
assert_eq!(host_prefixed.cookie_config(), manually_prefixed.cookie_config());
sourcepub const fn same_site(self, same_site: Option<SameSite>) -> Self
pub const fn same_site(self, same_site: Option<SameSite>) -> Self
Sets the SameSite
attribute on the cookie.
sourcepub fn domain<S: Into<String>>(self, domain: impl Into<Option<S>>) -> Self
pub fn domain<S: Into<String>>(self, domain: impl Into<Option<S>>) -> Self
Sets the domain of the cookie.
This is incompatible with __Host-
prefixed cookies. If the cookie is
a __Host-
prefixed cookie, this function will downgrade the cookie to
a use the __Secure-
prefix instead. This weakens a defense-in-depth
measure and is not recommended unless there is an unavoidable need and
the security implications have been fully considered.
Produces an CSRF cookie config determined from the current middleware state. Note that this is not needed if you are using default cookie names.
Trait Implementations
sourceimpl<Rng: Clone> Clone for CsrfMiddleware<Rng>
impl<Rng: Clone> Clone for CsrfMiddleware<Rng>
sourcefn clone(&self) -> CsrfMiddleware<Rng>
fn clone(&self) -> CsrfMiddleware<Rng>
Returns a copy of the value. Read more
1.0.0 · sourcefn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
Performs copy-assignment from source
. Read more
sourceimpl<Rng: Debug> Debug for CsrfMiddleware<Rng>
impl<Rng: Debug> Debug for CsrfMiddleware<Rng>
sourceimpl<Rng: TokenRng + SeedableRng> Default for CsrfMiddleware<Rng>
impl<Rng: TokenRng + SeedableRng> Default for CsrfMiddleware<Rng>
sourceimpl<Rng: PartialEq> PartialEq<CsrfMiddleware<Rng>> for CsrfMiddleware<Rng>
impl<Rng: PartialEq> PartialEq<CsrfMiddleware<Rng>> for CsrfMiddleware<Rng>
sourcefn eq(&self, other: &CsrfMiddleware<Rng>) -> bool
fn eq(&self, other: &CsrfMiddleware<Rng>) -> bool
This method tests for self
and other
values to be equal, and is used
by ==
. Read more
sourceimpl<S, Rng> Transform<S, ServiceRequest> for CsrfMiddleware<Rng>where
S: Service<ServiceRequest, Response = ServiceResponse>,
Rng: TokenRng + Clone,
impl<S, Rng> Transform<S, ServiceRequest> for CsrfMiddleware<Rng>where
S: Service<ServiceRequest, Response = ServiceResponse>,
Rng: TokenRng + Clone,
type Response = ServiceResponse<BoxBody>
type Response = ServiceResponse<BoxBody>
Responses produced by the service.
type Error = <S as Service<ServiceRequest>>::Error
type Error = <S as Service<ServiceRequest>>::Error
Errors produced by the service.
type Transform = CsrfMiddlewareImpl<S, Rng>
type Transform = CsrfMiddlewareImpl<S, Rng>
The TransformService
value created by this factory
type Future = Ready<Result<<CsrfMiddleware<Rng> as Transform<S, ServiceRequest>>::Transform, <CsrfMiddleware<Rng> as Transform<S, ServiceRequest>>::InitError>>
type Future = Ready<Result<<CsrfMiddleware<Rng> as Transform<S, ServiceRequest>>::Transform, <CsrfMiddleware<Rng> as Transform<S, ServiceRequest>>::InitError>>
The future response value.
sourcefn new_transform(&self, service: S) -> Self::Future
fn new_transform(&self, service: S) -> Self::Future
Creates and returns a new Transform component, asynchronously
impl<Rng: Eq> Eq for CsrfMiddleware<Rng>
impl<Rng> StructuralEq for CsrfMiddleware<Rng>
impl<Rng> StructuralPartialEq for CsrfMiddleware<Rng>
Auto Trait Implementations
impl<Rng> !RefUnwindSafe for CsrfMiddleware<Rng>
impl<Rng> !Send for CsrfMiddleware<Rng>
impl<Rng> !Sync for CsrfMiddleware<Rng>
impl<Rng> Unpin for CsrfMiddleware<Rng>where
Rng: Unpin,
impl<Rng> UnwindSafe for CsrfMiddleware<Rng>where
Rng: UnwindSafe,
Blanket Implementations
sourceimpl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
const: unstable · sourcefn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more
sourceimpl<Q, K> Equivalent<K> for Qwhere
Q: Eq + ?Sized,
K: Borrow<Q> + ?Sized,
impl<Q, K> Equivalent<K> for Qwhere
Q: Eq + ?Sized,
K: Borrow<Q> + ?Sized,
sourcefn equivalent(&self, key: &K) -> bool
fn equivalent(&self, key: &K) -> bool
Compare self to key
and return true
if they are equal.
sourceimpl<T> Instrument for T
impl<T> Instrument for T
sourcefn instrument(self, span: Span) -> Instrumented<Self>
fn instrument(self, span: Span) -> Instrumented<Self>
sourcefn in_current_span(self) -> Instrumented<Self>
fn in_current_span(self) -> Instrumented<Self>
impl<V, T> VZip<V> for Twhere
V: MultiLane<T>,
impl<V, T> VZip<V> for Twhere
V: MultiLane<T>,
fn vzip(self) -> V
sourceimpl<T> WithSubscriber for T
impl<T> WithSubscriber for T
sourcefn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>where
S: Into<Dispatch>,
fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>where
S: Into<Dispatch>,
Attaches the provided Subscriber
to this type, returning a
WithDispatch
wrapper. Read more
sourcefn with_current_subscriber(self) -> WithDispatch<Self>
fn with_current_subscriber(self) -> WithDispatch<Self>
Attaches the current default Subscriber
to this type, returning a
WithDispatch
wrapper. Read more