11 releases
| 0.4.0 | Jun 16, 2020 |
|---|---|
| 0.3.1 | Jan 13, 2018 |
| 0.3.0 | Nov 19, 2017 |
| 0.2.2 |
|
| 0.0.13 | Mar 15, 2017 |
#10 in #csrf
30 downloads per month
37KB
675 lines
iron-csrf
CSRF protection for the Rust web framework Iron.
iron-csrf uses either ChaCha20Poly1305 or AES-GCM to sign and verify timestamped
CSRF cookies and their accompanying tokens.
There is an example iron server in the directory ./examples, and more
information can be found in the docs hosted at docs.rs.
A complete reference implementation can be found on
github.
Contributing
Please make all pull requests to the develop branch.
Bugs
This project has a full disclosure policy on security related errors. Please treat these errors like all other bugs and file a public issue. Errors communicated via other channels will be immediately made public.
Legal
License
This work is licensed under the MIT license. See LICENSE for details.
Dependencies
~18MB
~340K SLoC