Struct salvo_extra::csrf::CsrfHandler[][src]

pub struct CsrfHandler { /* fields omitted */ }
Expand description

Cross-Site Request Forgery (CSRF) protection middleware.

Implementations

Create a new instance.

Defaults

The defaults for CsrfHandler are:

  • cookie path: /
  • cookie name: salvo.extra.csrf
  • cookie domain: None
  • ttl: 24 hours
  • header name: x-csrf-token
  • query param: csrf-token
  • form field: csrf-token
  • protected methods: [POST, PUT, PATCH, DELETE]

Sets the protection ttl. This will be used for both the cookie expiry and the time window over which CSRF tokens are considered valid.

The default for this value is one day.

Sets the name of the HTTP header where the middleware will look for the CSRF token.

Defaults to “x-csrf-token”.

Sets the name of the query parameter where the middleware will look for the CSRF token.

Defaults to “csrf-token”.

Sets the name of the form field where the middleware will look for the CSRF token.

Defaults to “csrf-token”.

Sets the list of methods that will be protected by this middleware

Defaults to [POST, PUT, PATCH, DELETE]

Trait Implementations

Formats the value using the given formatter. Read more

Handle http request.

Auto Trait Implementations

Blanket Implementations

Gets the TypeId of self. Read more

Immutably borrows from an owned value. Read more

Mutably borrows from an owned value. Read more

Performs the conversion.

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more

Instruments this type with the current Span, returning an Instrumented wrapper. Read more

Performs the conversion.

Should always be Self

The type returned in the event of a conversion error.

Performs the conversion.

The type returned in the event of a conversion error.

Performs the conversion.

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more