ezyang
v1.1.0
Bug Fixes
- In some server environments, being behind a load balancer and enabling IP restrictions would be ineffective as other users would all appear to be from the same remote address
Features
-
Allow logging of the CSRF process which is useful for third party develoeprs when they are trying to incorporate the library to see what steps are being taken and from where.
Configuration var:
log_file -
Allow logging to also be echoed to console
Configuration var:
log_echo -
Allow specifying the location of the CSRF secret file as some package maintainers may prefer to relocate the secret file to a hidden location that is readable only when installing the package and not be the application.
Configuration var:
path_secret -
Allow specifying the startup function as some callers may wish to keep in line with their own code formats.
Configuration var
startup_func -
Allow configuration of which hashing function to use. It is expected that the user configuring this option will known what hash functions are availble or it could cause runtime errors.
Configuration var
hash
@ezyang Any comments or likelihood of commit on these latest round of changes? We are actively using it within Cacti's open source monitoring tool so would be good to have these in the main repo in case packagers link back to your versions without all the fixes.