go-safeweb icon indicating copy to clipboard operation
go-safeweb copied to clipboard

Published 20 hours ago verified publisher icon google

xsrfhtml: Support key rotation

Open empijei opened this issue 3 years ago • 0 comments

Currently we only support one key for this plugin, which makes key rotation impossible without disrupting the service.

We should instead accept a set of keys and emit tokens with the latest ones, but validate requests against all keys in the set.

empijei avatar May 27 '21 08:05 empijei