egg-security
egg-security copied to clipboard
Published
20 hours ago •
eggjs
eggjs
feat: csrf support check origin header with referer type
Checklist
- [x]
npm testpasses - [x] tests and/or benchmarks are included
- [ ] documentation is changed or added
- [x] commit message follows commit guidelines
Affected core subsystem(s)
Description of change
csrf防范应该也可以通过检查Origin头来验证来源。具体可看 Identifying Source Origin (via Origin/Referer header)
Codecov Report
Merging #69 into master will not change coverage. The diff coverage is
100.00%.
@@ Coverage Diff @@
## master #69 +/- ##
=======================================
Coverage 95.89% 95.89%
=======================================
Files 32 32
Lines 560 560
=======================================
Hits 537 537
Misses 23 23
| Impacted Files | Coverage Δ | |
|---|---|---|
| app/extend/context.js | 97.22% <100.00%> (ø) |
Continue to review full report at Codecov.
Legend - Click here to learn more
Δ = absolute <relative> (impact),ø = not affected,? = missing dataPowered by Codecov. Last update 79c38e0...51d0223. Read the comment docs.
![codecov[bot] avatar](https://avatars.githubusercontent.com/in/254?v=4 "Published by a pub.dev verified publisher"){kind=small}