rocket_csrf_guard

This is a collection of utilities for adding CSRF protection to Rocket powered web applications.

This is a useful building block for secure by default frameworks, as seen in this blogpost

Works with rocket 0.5.0 and above.

Look at the documentation and examples to learn more.

This is provided AS-IS and does not guarantee a secure application by itself. For reporting security issues in this library, please contact me using the information on my github profile.

lib.rs:

Ergonomic CSRF protection for Rocket applications.

The main macro with_csrf_token enables CSRF protection for a given rocket::form::Form. Slap on a double submit cookie or a session based CSRF token and you're good to go. Look at the examples/ folder for more detailed examples of all the functionality in a test app.