Open
Conversation
Bug Fixes - In some server environments, being behind a load balancer and enabling IP restrictions would be ineffective as other users would all appear to be from the same remote address Features - Allow logging of the CSRF process which is useful for third party develoeprs when they are trying to incorporate the library to see what steps are being taken and from where. Configuration var: `log_file` - Allow logging to also be echoed to console Configuration var: `log_echo` - Allow specifying the location of the CSRF secret file as some package maintainers may prefer to relocate the secret file to a hidden location that is readable only when installing the package and not be the application. Configuration var: `path_secret` - Allow specifying the startup function as some callers may wish to keep in line with their own code formats. Configuration var `startup_func` - Allow configuration of which hashing function to use. It is expected that the user configuring this option will known what hash functions are availble or it could cause runtime errors. Configuration var `hash`
|
Nice! |
Author
|
@ezyang Any comments or likelihood of commit on these latest round of changes? We are actively using it within Cacti's open source monitoring tool so would be good to have these in the main repo in case packagers link back to your versions without all the fixes. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bug Fixes
restrictions would be ineffective as other users would all appear to be from
the same remote address
Features
Allow logging of the CSRF process which is useful for third party develoeprs
when they are trying to incorporate the library to see what steps are being
taken and from where.
Configuration var:
log_fileAllow logging to also be echoed to console
Configuration var:
log_echoAllow specifying the location of the CSRF secret file as some package
maintainers may prefer to relocate the secret file to a hidden location that
is readable only when installing the package and not be the application.
Configuration var:
path_secretAllow specifying the startup function as some callers may wish to keep in line
with their own code formats.
Configuration var
startup_funcAllow configuration of which hashing function to use. It is expected that the
user configuring this option will known what hash functions are availble or it
could cause runtime errors.
Configuration var
hash