pub struct Csrf { /* private fields */ }
csrf
only.Expand description
Cross-Site Request Forgery (CSRF) protection middleware.
Implementations
sourceimpl Csrf
impl Csrf
sourcepub fn new(secret: &[u8]) -> Csrf
pub fn new(secret: &[u8]) -> Csrf
Create a new instance.
Defaults
The defaults for Csrf are:
- cookie path:
/
- cookie name:
salvo.extra.csrf
- cookie domain: None
- ttl: 24 hours
- header name:
x-csrf-token
- query param:
csrf-token
- form field:
csrf-token
- protected methods:
[POST, PUT, PATCH, DELETE]
sourcepub fn with_ttl(self, ttl: Duration) -> Csrf
pub fn with_ttl(self, ttl: Duration) -> Csrf
Set the protection ttl. This will be used for both the cookie expiry and the time window over which CSRF tokens are considered valid.
The default for this value is one day.
sourcepub fn with_header_name(self, header_name: HeaderName) -> Csrf
pub fn with_header_name(self, header_name: HeaderName) -> Csrf
Set the name of the HTTP header where the middleware will look for the CSRF token.
Defaults to “x-csrf-token”.
sourcepub fn with_query_param(self, query_param: impl AsRef<str>) -> Csrf
pub fn with_query_param(self, query_param: impl AsRef<str>) -> Csrf
Set the name of the query parameter where the middleware will look for the CSRF token.
Defaults to “csrf-token”.
sourcepub fn with_form_field(self, form_field: impl AsRef<str>) -> Csrf
pub fn with_form_field(self, form_field: impl AsRef<str>) -> Csrf
Set the name of the form field where the middleware will look for the CSRF token.
Defaults to “csrf-token”.
sourcepub fn with_protected_methods(self, methods: &[Method]) -> Csrf
pub fn with_protected_methods(self, methods: &[Method]) -> Csrf
Set the list of methods that will be protected by this middleware.
Defaults to [POST, PUT, PATCH, DELETE]
Trait Implementations
sourceimpl Handler for Csrf
impl Handler for Csrf
sourcefn handle<'life0, 'life1, 'life2, 'life3, 'life4, 'async_trait>(
&'life0 self,
req: &'life1 mut Request,
depot: &'life2 mut Depot,
res: &'life3 mut Response,
ctrl: &'life4 mut FlowCtrl
) -> Pin<Box<dyn Future<Output = ()> + Send + 'async_trait, Global>>where
'life0: 'async_trait,
'life1: 'async_trait,
'life2: 'async_trait,
'life3: 'async_trait,
'life4: 'async_trait,
Csrf: 'async_trait,
fn handle<'life0, 'life1, 'life2, 'life3, 'life4, 'async_trait>(
&'life0 self,
req: &'life1 mut Request,
depot: &'life2 mut Depot,
res: &'life3 mut Response,
ctrl: &'life4 mut FlowCtrl
) -> Pin<Box<dyn Future<Output = ()> + Send + 'async_trait, Global>>where
'life0: 'async_trait,
'life1: 'async_trait,
'life2: 'async_trait,
'life3: 'async_trait,
'life4: 'async_trait,
Csrf: 'async_trait,
Handle http request.
Auto Trait Implementations
impl RefUnwindSafe for Csrf
impl Send for Csrf
impl Sync for Csrf
impl Unpin for Csrf
impl UnwindSafe for Csrf
Blanket Implementations
sourceimpl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
const: unstable · sourcefn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more
sourceimpl<T> Instrument for T
impl<T> Instrument for T
sourcefn instrument(self, span: Span) -> Instrumented<Self>
fn instrument(self, span: Span) -> Instrumented<Self>
sourcefn in_current_span(self) -> Instrumented<Self>
fn in_current_span(self) -> Instrumented<Self>
impl<V, T> VZip<V> for Twhere
V: MultiLane<T>,
impl<V, T> VZip<V> for Twhere
V: MultiLane<T>,
fn vzip(self) -> V
sourceimpl<T> WithSubscriber for T
impl<T> WithSubscriber for T
sourcefn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>where
S: Into<Dispatch>,
fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>where
S: Into<Dispatch>,
Attaches the provided Subscriber
to this type, returning a
WithDispatch
wrapper. Read more
sourcefn with_current_subscriber(self) -> WithDispatch<Self>
fn with_current_subscriber(self) -> WithDispatch<Self>
Attaches the current default Subscriber
to this type, returning a
WithDispatch
wrapper. Read more