Comments (1)
Upgrade to v0.4.12 of @ladjs/web
and then implement the following change:
const web = new Web({
// ....
+ csrfIgnoredGlobs: [ '/wcendpoint' ]
- csrf: false,
});
-if (process.env.NODE_ENV !== 'test') {
- const csrf = new CSRF({
- ...config.csrf,
- invalidTokenMessage: ctx => ctx.request.t('Invalid CSRF token')
- });
-
- web.app.use(async (ctx, next) => {
- try {
- if(ctx.request.url === '/wcendpoint') {
- await next();
- } else {
- await csrf(ctx, next);
- }
- } catch (err) {
- let e = err;
- if (err.name && err.name === 'ForbiddenError') {
- e = Boom.forbidden(err.message);
- if (err.stack) e.stack = err.stack;
- }
- ctx.throw(e);
- }
- });
-}
I have added csrfIgnoredGlobs
(Array) option.
Note you can use wildcards and glob patterns, e.g. /wcendpoint
, /wcendpoint/**/*
, /wcendpoint/*
, /foo/**/bar
, ...
from lad.
Related Issues (20)
- add tracekit and wrap
- go through all TODO's in code
- v3.0.0 Release Wishlist HOT 20
- 1.0.0. Release Wishlist HOT 1
- Error in plugin "gulp-eslint" after clean install HOT 1
- Marketing
- GET params get duplicated if no locale is provided HOT 2
- Question - Deployment and using the proxy HOT 2
- RateLimit & CloudFlare
- Method Override Middleware used in `@ladjs/web` needs fixed
- Add support for PROXY protocol HOT 2
- Drop Bull from README and rewrite with Bree mention HOT 1
- DeprecationWarning: Mongoose: `findOneAndUpdate()` and `findOneAndDelete()` without the `useFindAndModify` option set to false are deprecated. See: https://mongoosejs.com/docs/deprecations.html#findandmodify
- Bundle and Watch caching
- Default install appears to require `moment` lib HOT 1
- [feat] send email to admin when redis or mongo disconnects/reconnects
- [chore] fix stylelint warnings
- npm ERR! 404 Not Found - GET https://codeload.github.com/niftylettuce/svgfont2js/tar.gz/376ca0b5498ea4fa08b1955ecd5bb11c1014a401 HOT 1
- Error: Cannot find module 'nps-utils' - Even when nps-utils and nps is installed
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from lad.