2 releases
0.0.2 | Jan 11, 2024 |
---|---|
0.0.1 | Jan 1, 2024 |
#11 in #csrf
44 downloads per month
Used in rocket_sqlite_rw_pool
49KB
1K
SLoC
rocket_csrf_guard
This is a collection of utilities for adding CSRF protection to Rocket powered web applications.
This is a useful building block for secure by default frameworks, as seen in this blogpost
Works with rocket 0.5.0 and above.
Look at the documentation and examples to learn more.
This is provided AS-IS and does not guarantee a secure application by itself. For reporting security issues in this library, please contact me using the information on my github profile.
lib.rs
:
Ergonomic CSRF protection for Rocket applications.
The main macro with_csrf_token
enables CSRF protection for a given rocket::form::Form
.
Slap on a double submit cookie or a session based CSRF token and you're good to go.
Look at the examples/ folder for more detailed examples of all the functionality in a test app.
Dependencies
~24–55MB
~1M SLoC