# iron-csrf
CSRF protection for the Rust web framework Iron.
`iron-csrf` uses either ChaCha20Poly1305 or AES-GCM to sign and verify timestamped
CSRF cookies and their accompanying tokens.
There is an example `iron` server in the directory [./examples](./examples), and more
information can be found in the docs hosted at [docs.rs](https://docs.rs/iron-csrf/).
A complete reference implementation can be found on
[github](https://github.com/heartsucker/iron-reference).
## Contributing
Please make all pull requests to the `develop` branch.
### Bugs
This project has a **full disclosure** policy on security related errors. Please
treat these errors like all other bugs and file a public issue. Errors communicated
via other channels will be immediately made public.
## Legal
### License
This work is licensed under the MIT license. See [LICENSE](./LICENSE) for details.