Remove redundat http require and move it to kemal.cr
This commit is contained in:
parent
d11b702ee4
commit
6ffa4af0e1
4 changed files with 10 additions and 15 deletions
|
@ -1,3 +1,4 @@
|
|||
require "http"
|
||||
require "./kemal/*"
|
||||
require "./kemal/helpers/*"
|
||||
require "./kemal/middleware/*"
|
||||
|
|
|
@ -1,5 +1,3 @@
|
|||
require "http"
|
||||
|
||||
# All loggers must inherit from `Kemal::BaseLogHandler`.
|
||||
class Kemal::BaseLogHandler < HTTP::Handler
|
||||
def initialize
|
||||
|
|
|
@ -1,5 +1,3 @@
|
|||
require "http"
|
||||
|
||||
class Kemal::CommonLogHandler < Kemal::BaseLogHandler
|
||||
@handler : IO::FileDescriptor
|
||||
getter handler
|
||||
|
|
|
@ -1,5 +1,4 @@
|
|||
require "secure_random"
|
||||
require "http"
|
||||
|
||||
module Kemal::Middleware
|
||||
# This middleware adds CSRF protection to your application.
|
||||
|
@ -11,9 +10,9 @@ module Kemal::Middleware
|
|||
# where an attacker can re-submit a form.
|
||||
#
|
||||
class CSRF < HTTP::Handler
|
||||
HEADER = "X_CSRF_TOKEN"
|
||||
ALLOWED_METHODS = %w[GET HEAD OPTIONS TRACE]
|
||||
PARAMETER_NAME = "authenticity_token"
|
||||
HEADER = "X_CSRF_TOKEN"
|
||||
ALLOWED_METHODS = %w(GET HEAD OPTIONS TRACE)
|
||||
PARAMETER_NAME = "authenticity_token"
|
||||
|
||||
def call(context)
|
||||
unless context.session["csrf"]?
|
||||
|
@ -24,12 +23,12 @@ module Kemal::Middleware
|
|||
|
||||
req = context.request
|
||||
submitted = if req.headers[HEADER]?
|
||||
req.headers[HEADER]
|
||||
elsif context.params.body[PARAMETER_NAME]?
|
||||
context.params.body[PARAMETER_NAME]
|
||||
else
|
||||
"nothing"
|
||||
end
|
||||
req.headers[HEADER]
|
||||
elsif context.params.body[PARAMETER_NAME]?
|
||||
context.params.body[PARAMETER_NAME]
|
||||
else
|
||||
"nothing"
|
||||
end
|
||||
current_token = context.session["csrf"]
|
||||
|
||||
if current_token == submitted
|
||||
|
@ -41,6 +40,5 @@ module Kemal::Middleware
|
|||
context.response.print "Forbidden"
|
||||
end
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in a new issue