shard-kemal/spec
Mike Perham e407d0195c Implement CSRF protection
This adds a middleware which, when activated, will deny any form submission which does not include a valid `authenticity_token` parameter or `http-x-csrf-token` header with the request.

The header and parameter names are identical to the ones supported by Ruby's rack-protection gem for interoperability purposes.
2016-06-28 15:50:43 -07:00
..
asset
middleware Implement CSRF protection 2016-06-28 15:50:43 -07:00
all_spec.cr
common_exception_handler_spec.cr
config_spec.cr
context_spec.cr
helpers_spec.cr Add "headers" helper to make it easier to add headers to response. 2016-06-16 10:33:38 -04:00
logger_spec.cr
param_parser_spec.cr Fix ssl and specs for 0.18 2016-06-14 16:18:00 -05:00
route_handler_spec.cr Add X-Powered-By header 2016-06-19 03:22:55 +03:00
route_spec.cr
session_spec.cr Add Session#delete, more docs 2016-06-27 16:24:03 -07:00
spec_helper.cr
view_spec.cr
websocket_handler_spec.cr Fix ssl and specs for 0.18 2016-06-14 16:18:00 -05:00