diff options
Diffstat (limited to 'vendor/github.com/gorilla')
| -rw-r--r-- | vendor/github.com/gorilla/csrf/README.md | 2 | ||||
| -rw-r--r-- | vendor/github.com/gorilla/csrf/doc.go | 4 | ||||
| -rw-r--r-- | vendor/github.com/gorilla/handlers/README.md | 2 | ||||
| -rw-r--r-- | vendor/github.com/gorilla/mux/README.md | 1 | ||||
| -rw-r--r-- | vendor/github.com/gorilla/mux/route.go | 2 | ||||
| -rw-r--r-- | vendor/github.com/gorilla/securecookie/README.md | 2 | ||||
| -rw-r--r-- | vendor/github.com/gorilla/sessions/README.md | 9 |
7 files changed, 20 insertions, 2 deletions
diff --git a/vendor/github.com/gorilla/csrf/README.md b/vendor/github.com/gorilla/csrf/README.md index 8cad716..75e8525 100644 --- a/vendor/github.com/gorilla/csrf/README.md +++ b/vendor/github.com/gorilla/csrf/README.md @@ -1,5 +1,5 @@ # gorilla/csrf -[](https://godoc.org/github.com/gorilla/csrf) [](https://travis-ci.org/gorilla/csrf) +[](https://godoc.org/github.com/gorilla/csrf) [](https://travis-ci.org/gorilla/csrf) [](https://sourcegraph.com/github.com/gorilla/csrf?badge) gorilla/csrf is a HTTP middleware library that provides [cross-site request forgery](http://blog.codinghorror.com/preventing-csrf-and-xsrf-attacks/) (CSRF) diff --git a/vendor/github.com/gorilla/csrf/doc.go b/vendor/github.com/gorilla/csrf/doc.go index e0bf408..301abe0 100644 --- a/vendor/github.com/gorilla/csrf/doc.go +++ b/vendor/github.com/gorilla/csrf/doc.go @@ -135,6 +135,10 @@ providing a JSON API: w.Write(b) } +If you're writing a client that's supposed to mimic browser behavior, make sure to +send back the CSRF cookie (the default name is _gorilla_csrf, but this can be changed +with the CookieName Option) along with either the X-CSRF-Token header or the gorilla.csrf.Token form field. + In addition: getting CSRF protection right is important, so here's some background: * This library generates unique-per-request (masked) tokens as a mitigation diff --git a/vendor/github.com/gorilla/handlers/README.md b/vendor/github.com/gorilla/handlers/README.md index a782c41..4a6895d 100644 --- a/vendor/github.com/gorilla/handlers/README.md +++ b/vendor/github.com/gorilla/handlers/README.md @@ -1,6 +1,8 @@ gorilla/handlers ================ [](https://godoc.org/github.com/gorilla/handlers) [](https://travis-ci.org/gorilla/handlers) +[](https://sourcegraph.com/github.com/gorilla/handlers?badge) + Package handlers is a collection of handlers (aka "HTTP middleware") for use with Go's `net/http` package (or any framework supporting `http.Handler`), including: diff --git a/vendor/github.com/gorilla/mux/README.md b/vendor/github.com/gorilla/mux/README.md index 94d396c..cdab878 100644 --- a/vendor/github.com/gorilla/mux/README.md +++ b/vendor/github.com/gorilla/mux/README.md @@ -2,6 +2,7 @@ gorilla/mux === [](https://godoc.org/github.com/gorilla/mux) [](https://travis-ci.org/gorilla/mux) +[](https://sourcegraph.com/github.com/gorilla/mux?badge)  diff --git a/vendor/github.com/gorilla/mux/route.go b/vendor/github.com/gorilla/mux/route.go index 9221915..5544c1f 100644 --- a/vendor/github.com/gorilla/mux/route.go +++ b/vendor/github.com/gorilla/mux/route.go @@ -153,7 +153,7 @@ func (r *Route) addRegexpMatcher(tpl string, matchHost, matchPrefix, matchQuery } r.regexp = r.getRegexpGroup() if !matchHost && !matchQuery { - if tpl == "/" && (len(tpl) == 0 || tpl[0] != '/') { + if len(tpl) > 0 && tpl[0] != '/' { return fmt.Errorf("mux: path must start with a slash, got %q", tpl) } if r.regexp.path != nil { diff --git a/vendor/github.com/gorilla/securecookie/README.md b/vendor/github.com/gorilla/securecookie/README.md index da112e4..aa7bd1a 100644 --- a/vendor/github.com/gorilla/securecookie/README.md +++ b/vendor/github.com/gorilla/securecookie/README.md @@ -1,6 +1,8 @@ securecookie ============ [](https://godoc.org/github.com/gorilla/securecookie) [](https://travis-ci.org/gorilla/securecookie) +[](https://sourcegraph.com/github.com/gorilla/securecookie?badge) + securecookie encodes and decodes authenticated and optionally encrypted cookie values. diff --git a/vendor/github.com/gorilla/sessions/README.md b/vendor/github.com/gorilla/sessions/README.md index 5bb3107..ebc60d0 100644 --- a/vendor/github.com/gorilla/sessions/README.md +++ b/vendor/github.com/gorilla/sessions/README.md @@ -1,6 +1,8 @@ sessions ======== [](https://godoc.org/github.com/gorilla/sessions) [](https://travis-ci.org/gorilla/sessions) +[](https://sourcegraph.com/github.com/gorilla/sessions?badge) + gorilla/sessions provides cookie and filesystem sessions and infrastructure for custom session backends. @@ -52,6 +54,12 @@ with as or else you will leak memory! An easy way to do this is to wrap the top-level mux when calling http.ListenAndServe: +```go + http.ListenAndServe(":8080", context.ClearHandler(http.DefaultServeMux)) +``` + +The ClearHandler function is provided by the gorilla/context package. + More examples are available [on the Gorilla website](http://www.gorillatoolkit.org/pkg/sessions). @@ -63,6 +71,7 @@ Other implementations of the `sessions.Store` interface: * [github.com/yosssi/boltstore](https://github.com/yosssi/boltstore) - Bolt * [github.com/srinathgs/couchbasestore](https://github.com/srinathgs/couchbasestore) - Couchbase * [github.com/denizeren/dynamostore](https://github.com/denizeren/dynamostore) - Dynamodb on AWS +* [github.com/savaki/dynastore](https://github.com/savaki/dynastore) - DynamoDB on AWS (Official AWS library) * [github.com/bradleypeabody/gorilla-sessions-memcache](https://github.com/bradleypeabody/gorilla-sessions-memcache) - Memcache * [github.com/dsoprea/go-appengine-sessioncascade](https://github.com/dsoprea/go-appengine-sessioncascade) - Memcache/Datastore/Context in AppEngine * [github.com/kidstuff/mongostore](https://github.com/kidstuff/mongostore) - MongoDB |