Versions in this module Expand all Collapse all v1 v1.0.0 Jan 18, 2023 Changes in this version + var ErrBadReferer = errors.New("referer invalid") + var ErrBadToken = errors.New("CSRF token invalid") + var ErrNoReferer = errors.New("referer not supplied") + var ErrNoToken = errors.New("CSRF token not found in request") + var TemplateTag = "csrfField" + func FailureReason(r *http.Request) error + func Protect(authKey []byte, opts ...Option) func(http.Handler) http.Handler + func TemplateField(r *http.Request) template.HTML + func Token(r *http.Request) string + func UnsafeSkipCheck(r *http.Request) *http.Request + type Option func(*csrf) + func CookieName(name string) Option + func Domain(domain string) Option + func ErrorHandler(h http.Handler) Option + func ExcludePaths(paths ...string) Option + func FieldName(name string) Option + func HttpOnly(h bool) Option + func MaxAge(age int) Option + func Path(p string) Option + func RequestHeader(header string) Option + func SameSite(s SameSiteMode) Option + func Secure(s bool) Option + func TrustedOrigins(origins []string) Option + func TrustedOriginsCallback(f TrustedOriginsCallbackFunc) Option + type SameSiteMode int + const SameSiteDefaultMode + const SameSiteLaxMode + const SameSiteNoneMode + const SameSiteStrictMode + type TrustedOriginsCallbackFunc func(referer *url.URL, r *http.Request) bool