superagent-csrf-middleware
v0.3.0
Published
easily handle CSRF tokens with superagent
Downloads
96
Readme
superagent-csrf-middleware
easily handle CSRF tokens with superagent
Supports simple CSRF implementations and those which modify the token with each request.
usage
var request = require('superagent');
var csrf = require('superagent-csrf-middleware');
var agent = request(server);
var csrf1 = csrf();
agent.get('/foo')
.use(csrf1)
.end(function() {
agent.post('/bar')
.use(csrf1)
.end(function() {
/* ... */
});
});
options
By default, superagent-csrf-middleware
looks at the XSRF-TOKEN
cookie and sets the X-XSRF-TOKEN
header.
You may optionally define other parameters:
var cookie = 'MY-XSRF-COOKIE-NAME';
var header = '_SEASURF';
var csrf = require('superagent-csrf-middleware')(cookie, header);
support
This is known to work with lusca's CSRF implementation.