代码拉取完成,页面将自动刷新
// This middleware provides Cross-Site Request Forgery
// protection.
//
// It securely generates a masked (unique-per-request) token that
// can be embedded in the HTTP response (e.g. form field or HTTP header).
// The original (unmasked) token is stored in the session, which is inaccessible
// by an attacker (provided you are using HTTPS). Subsequent requests are
// expected to include this token, which is compared against the session token.
// Requests that do not provide a matching token are served with a HTTP 403
// 'Forbidden' error response.
package main
// $ go get -u github.com/iris-contrib/middleware/...
import (
"github.com/kataras/iris"
"github.com/iris-contrib/middleware/csrf"
)
func main() {
app := iris.New()
app.RegisterView(iris.HTML("./views", ".html"))
// Note that the authentication key provided should be 32 bytes
// long and persist across application restarts.
protect := csrf.Protect([]byte("9AB0F421E53A477C084477AEA06096F5"),
csrf.Secure(false)) // Defaults to true, but pass `false` while no https (devmode).
users := app.Party("/user", protect)
{
users.Get("/signup", getSignupForm)
// // POST requests without a valid token will return a HTTP 403 Forbidden.
users.Post("/signup", postSignupForm)
}
// GET: http://localhost:8080/user/signup
// POST: http://localhost:8080/user/signup
app.Run(iris.Addr(":8080"))
}
func getSignupForm(ctx iris.Context) {
// views/signup.html just needs a {{ .csrfField }} template tag for
// csrf.TemplateField to inject the CSRF token into. Easy!
ctx.ViewData(csrf.TemplateTag, csrf.TemplateField(ctx))
ctx.View("views/user/signup.html")
// We could also retrieve the token directly from csrf.Token(r) and
// set it in the request header - ctx.GetHeader("X-CSRF-Token", token)
// This is useful if you're sending JSON to clients or a front-end JavaScript
// framework.
}
func postSignupForm(ctx iris.Context) {
ctx.Writef("You're welcome mate!")
}
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。