Ecosyste.ms: OpenCollective

An open API service for software projects hosted on Open Collective.

github.com/koajs/csrf

CSRF tokens for koa
https://github.com/koajs/csrf

5.0.1

0b87e994dbd114bac93e775409ee8218c8864830 authored over 2 years ago by titanism <[email protected]>
docs: fixed docs

97734bc5e45389021dcc761826704535ac30d86a authored over 2 years ago by titanism <[email protected]>
5.0.0

6c6ca10ad0076a04570f14c934c7aa303221cf54 authored over 2 years ago by titanism <[email protected]>
feat: removed invalidTokenMessage and invalidTokenStatusCode, added errorHandler function option

495bf75d376d78e3992ae36f9af5f8f849ab9d79 authored over 2 years ago by titanism <[email protected]>
feat: added ctx.state._csrf, removed ctx.csrf, ctx._csrf, and ctx.response.csrf (fixes #50)

db4df33e4c0a129e1761c442ce64a8922843ce2f authored over 2 years ago by titanism <[email protected]>
4.0.1

8265e53f51c3d59b12aedbcbcd25bd3d89341da9 authored over 2 years ago by titanism <[email protected]>
fix: removed ctx.state support due to getter issues

d0586c1f53f0d8db0fa7c2cf3955f75c0ecb2e79 authored over 2 years ago by titanism <[email protected]>
4.0.0

1a1d5cc5673267b7dd595ce50510dafdde90f97b authored over 2 years ago by titanism <[email protected]>
feat: add support for ctx.state.csrf (backwards compatible), modernize repo, require node >=14

4b41239dbebf922530097e15d987b13709ea48ae authored over 2 years ago by titanism <[email protected]>
Refactor to koa middleware style (#61)

* update .gitignore file 🐞 ..

* update LICENSE 🗝 ..

* cleanup ❌ ..

* linter rules 💅🏻 .....

3d5a2dc9d3f21f8d9fd82fdd18cd1b4664276ec4 authored over 2 years ago by Imed Jaberi <[email protected]>
Bump trim-off-newlines from 1.0.1 to 1.0.3 (#73)

9219e7038d6430e35a380d5381007c70fddaac42 authored almost 3 years ago by dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bump node-fetch from 2.6.1 to 2.6.7 (#74)

29db739256d59099d3b9d8e5db09cb81ebe22443 authored almost 3 years ago by dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bump ajv from 6.10.2 to 6.12.6 (#72)

6218639d1e03e38a95b9bed6ea584e525adccf81 authored almost 3 years ago by dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bump tar from 4.4.15 to 4.4.19 (#71)

7465d7d518fea37d7637ee6dd30a9a5291d6a445 authored over 3 years ago by dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bump path-parse from 1.0.6 to 1.0.7 (#70)

3d55f6a9926b54f1ceb482628a89e860fe608bc3 authored over 3 years ago by dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bump tar from 4.4.10 to 4.4.15 (#69)

9e84d35d31d67a05366887897208b0ea6f00e7d1 authored over 3 years ago by dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bump hosted-git-info from 2.8.4 to 2.8.9 (#65)

5ad3c0b50f3ab70d7c02194019925eb10dd0e0a2 authored over 3 years ago by dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bump browserslist from 4.7.0 to 4.16.6 (#67)

6bf7469bc86d8f1e81c3c099ceb12b9dd3280c8b authored over 3 years ago by dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bump normalize-url from 4.3.0 to 4.5.1 (#68)

Bumps [normalize-url](https://github.com/sindresorhus/normalize-url) from 4.3.0 to 4.5.1.
- [Re...

400703521248a3aaba3d1fdcdc69ae188c1120f4 authored over 3 years ago by dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bump handlebars from 4.5.3 to 4.7.7 (#64)

Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.5.3 to 4.7.7.
- [Release not...

fc122a8cae47889fe7f0a0054f6a723bed2e42bc authored over 3 years ago by dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bump ini from 1.3.5 to 1.3.7 (#60)

Bumps [ini](https://github.com/isaacs/ini) from 1.3.5 to 1.3.7.
- [Release notes](https://githu...

b39bfe7674c0532c5494a2d292f36dd4dcfd5e39 authored over 3 years ago by dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bump y18n from 4.0.0 to 4.0.1 (#62)

Bumps [y18n](https://github.com/yargs/y18n) from 4.0.0 to 4.0.1.
- [Release notes](https://gith...

c1266f6eda92cba85db155039b67e1e1c6c8840a authored over 3 years ago by dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bump node-fetch from 2.6.0 to 2.6.1 (#59)

Bumps [node-fetch](https://github.com/bitinn/node-fetch) from 2.6.0 to 2.6.1.
- [Release notes]...

51f7967971daa9b16ebc708e8e12386e53a4e6cf authored over 4 years ago by dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bump codecov from 3.6.5 to 3.7.1 (#58)

Bumps [codecov](https://github.com/codecov/codecov-node) from 3.6.5 to 3.7.1.
- [Release notes]...

5c4377806a57aaa9116a109fc4cf651b010c0fe1 authored over 4 years ago by dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bump acorn from 6.3.0 to 6.4.1 (#53)

Bumps [acorn](https://github.com/acornjs/acorn) from 6.3.0 to 6.4.1.
- [Release notes](https://...

4ac3e146102a416775c445d1e9c235af91e33fd4 authored almost 5 years ago by dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bump handlebars from 4.2.0 to 4.5.3 (#51)

Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.2.0 to 4.5.3.
- [Release not...

a057d8f34b69ff0d42606720b57c0959e2d02fe3 authored almost 5 years ago by dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bump codecov from 3.5.0 to 3.6.5 (#52)

Bumps [codecov](https://github.com/codecov/codecov-node) from 3.5.0 to 3.6.5.
- [Release notes]...

9611c00cab803c8afa3801f0812d0fc692626990 authored almost 5 years ago by dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
v3.0.8

23e3d41b385b2653e13da3da6e736dcf920ccbec authored over 5 years ago by niftylettuce <[email protected]>
fix: fixed yarn.lock per #48

1baca4ce9e9305a4cb8fd4edb2b982b757b9326c authored over 5 years ago by niftylettuce <[email protected]>
Remove `auto-bind` dependency. (#48)

7dc7b2dd81bf35c3d450dc3bdacceebe2f2c36f7 authored over 5 years ago by Karthik Viswanathan <[email protected]>
docs: fixed typo

d798482f7329dd418bc8343193a8bfefc5980c80 authored almost 6 years ago by niftylettuce <[email protected]>
fix: dleeted old .eslintrc file in test folder from mocha

1c4de5388ee69f19bb0ed42387d2c79b0744891a authored almost 6 years ago by niftylettuce <[email protected]>
fix: removed node v6 from travis tests

7f9d224e911e2ab5130a50b50e419d6e63b4976b authored almost 6 years ago by niftylettuce <[email protected]>
v3.0.7

3cbc46b2f33aa1358b1c021cc54d2ff1191144b4 authored almost 6 years ago by niftylettuce <[email protected]>
fix: fixes options (closes #44 and closes #45)

2603f324c5eee66bca22aa248e00a13a1e597e97 authored almost 6 years ago by niftylettuce <[email protected]>
feat: refactoring, added support for ctx argument to messages

6fc2c399f41f93f1275d6205bcb2a9f3addf6b6e authored almost 6 years ago by niftylettuce <[email protected]>
Added some jsdocs (#43)

I tried to match the style from the koajs/koa project. Hope It's useful

0e8f0927bf303b67211dccd5e4418d1873489639 authored about 7 years ago by Evert Pot <[email protected]>
Add missing import (#42)

3f9719f10147e55573dcdab2a7e45991f702ee71 authored about 7 years ago by Anton <[email protected]>
Release 3.0.6

637d1c4414f5f5528a21f05e79f37e5e3799b333 authored over 7 years ago by Stephen Mathieson <[email protected]>
babel: add `add-module-exports` plugin (#32)

Closes #31

c4d834aab0a1ae728474796ad094d2abd9bfa360 authored over 7 years ago by Stephen Mathieson <[email protected]>
Release 3.0.5

19628eb24da46d810b084f2108f3e58389834d5a authored almost 8 years ago by dead-horse <[email protected]>
fix: ci

fdce9b404ff7f21c76df4cec0085747da0737ea3 authored almost 8 years ago by dead-horse <[email protected]>
Update deprecated `ctx.throw` argument order (#33)

http-errors has deprecated how createError is called and the
following deprecation notice occur...

2648f2f1a99865b3804aff95968771f321a8086f authored almost 8 years ago by Matt Venables <[email protected]>
Add history (#30)

c5f6bf041b046d96a034f177cc6deae05c30f33a authored about 8 years ago by Hung Phan <[email protected]>
Release 3.0.4

ce2b78907274550f443e80122066c778a0fe0b74 authored over 8 years ago by Nick Baugh <[email protected]>
Merge pull request #29 from hung-phan/master

Fix usage of includes in node 4.6.0

3ebe02322abea27fb6fd041ebcf31718876831a0 authored over 8 years ago by niftylettuce <[email protected]>
Update travis

Update node version

Install newest npm

48394ca9bb50df54b410b453e8b572e12e5843d9 authored over 8 years ago by hung-phan <[email protected]>
Fix usage of includes in node 4.6.0

89c6a0c160833f2d3aa49404d27828fef93bd896 authored over 8 years ago by hung-phan <[email protected]>
Release 3.0.3

9118bb43ca4d2ae3810dc9d117f4a2ff2aa5debe authored over 8 years ago by Nick Baugh <[email protected]>
Fixed CSRF set/get issue (e.g. XHR requests were failing because it constantly changed the secret)

c24564ecbf88aceb519e138ca49be205f7034a0c authored over 8 years ago by Nick Baugh <[email protected]>
Release 3.0.2

80d835989d3c3798c8e771ac92d1c7d53ce05b5b authored over 8 years ago by Nick Baugh <[email protected]>
Return next()

46e95ab65368ed453b91c90117b13b80f6b3fe9c authored over 8 years ago by Nick Baugh <[email protected]>
Fixed bug with CSRF check

a6c228be6713b7fea37c517e7acf48607423b1f8 authored over 8 years ago by Nick Baugh <[email protected]>
Merge pull request #27 from niftylettuce/master

Refactored for Koa@next (lacking `assertCSRF` method and more tests)

c370e7a5cad7a68e39ae1908c55c12e561597fc0 authored over 8 years ago by niftylettuce <[email protected]>
Refactored for Koa@next (lacking `assertCSRF` method and more tests)

e2a1b3dc997ca1323e7ae50883654364b3a191e3 authored over 8 years ago by Nick Baugh <[email protected]>
Release 2.5.0

5b23a2d0d2266d6f9c814f36513077e51934d0f4 authored over 8 years ago by Stephen Mathieson <[email protected]>
add "disableQuery" option (#23)

* test: move middleware to App constructor

A little cleaner, plus enables creating multiple i...

3d4729c13ea227b6e6d17bbaee8c88d652df63de authored over 8 years ago by Stephen Mathieson <[email protected]>
fix example

closes #18

ec7ff083bdcf948fa60cbd81021c0177930ff8f3 authored over 8 years ago by dead_horse <[email protected]>
Release 2.4.0

e6be9895002ee05f164092d7210519d88fbaeee5 authored about 9 years ago by popomore <[email protected]>
Merge pull request #17 from popomore/invalid-message

More infomation when missing secret or token

a2a09d8e5a257b9f428894d433727f7d076efd21 authored about 9 years ago by Haoliang Gao <[email protected]>
More infomation when missing secret or token

e35d643213a0fee2f1389740d57939970986239b authored about 9 years ago by popomore <[email protected]>
2.3.0

9b6c935a5eba5c2061ae48b045493838d8dc8ea5 authored over 9 years ago by Jonathan Ong <[email protected]>
Add session check with test, update README

8f48e14a18cd8ae5594c0b23a699beefe7c6734f authored over 9 years ago by Cesar Andreu <[email protected]>
2.2.0

0763b7acbdd60d616f94c71f0f1a9495694193f4 authored over 9 years ago by Jonathan Ong <[email protected]>
:arrow_up: csrf@3

5d547ef0247baecbe2df7f764fe33d157893b32e authored over 9 years ago by Jonathan Ong <[email protected]>
:arrow_up: koa-session@3

43c31b6e6ceead65b7da7a52e1c82c7c5a07892d authored over 9 years ago by Jonathan Ong <[email protected]>
travis: don't update npm

55466dfb79b4feea1fb4b2116de31b5158aaf1d2 authored over 9 years ago by Jonathan Ong <[email protected]>
update tests

ec1831570167b6eb29dd4a802d94800d5465a744 authored over 9 years ago by Jonathan Ong <[email protected]>
2.1.3

9cfb0b6ca1b5e0079f90bcdff53c0ea6a80cf802 authored over 10 years ago by Jonathan Ong <[email protected]>
csrf-tokens -> csrf

66cf56ec08142b6ebdaabdcf4cc7ecab7fa0b946 authored over 10 years ago by Jonathan Ong <[email protected]>
remove unnecessary try cache, close #12

1d2d62331da75af10a5b7f27d7cb3d93abb34c37 authored over 10 years ago by dead_horse <[email protected]>
2.1.2

8cfae949ea5bd222b87892ccc511a9ce0de5019a authored over 10 years ago by Jonathan Ong <[email protected]>
update csrf-tokens to 2

13b462927df5b8982ab44228c3dc81c84d0daf02 authored over 10 years ago by Jonathan Ong <[email protected]>
Release 2.1.1

a9f2f637c687decdfcbdb613579e6e8e38716a14 authored over 10 years ago by dead_horse <[email protected]>
Merge pull request #10 from koajs/string-body

adjust sequence

928b5bd6f5fbd23586de1c6c8ed2744f30e4a1e7 authored over 10 years ago by dead_horse <[email protected]>
adjust sequence

d09fce4a39b0e05e45d84bbcf3bdb45d9c6c4496 authored over 10 years ago by dead_horse <[email protected]>
2.1.0

ff6300a1972fd081824ad4af677cf1d0f4539d80 authored over 10 years ago by Jonathan Ong <[email protected]>
allow strings ot be passed to .assertCSRF()

2d6f852ea66665f533f708443f9cfee3b25a26f3 authored over 10 years ago by Jonathan Ong <[email protected]>
clean up readme

c717912fd732045b3c0652f886b363c2ce709323 authored over 10 years ago by dead_horse <[email protected]>
update usage of middleware

according to
http://fengmk2.cnpmjs.org/blog/2014/06/use-koa-csrf-high-performance-way.html

ff4b15110b3f27ffe2169772171179d032ea155d authored over 10 years ago by dead_horse <[email protected]>
use svg badge

ae7325566adc15147e13d33b7cf36daaa2d957ea authored over 10 years ago by dead_horse <[email protected]>
2.0.0

0aa73f2c7180e97c3d27699150db2f682be09ac1 authored over 10 years ago by Jonathan Ong <[email protected]>
use csrf-tokens@1

closes #7

8b1bd7a9a75227584c668be9159b3902ac61f5c4 authored over 10 years ago by Jonathan Ong <[email protected]>
Release 1.1.1

89d1c06eac48a589e32d64bf309c314241ac452b authored over 10 years ago by dead_horse <[email protected]>
bump koa

b623c9bb9136b40d0351363de31f432c93b6e0f3 authored over 10 years ago by dead_horse <[email protected]>
fix body check, fixed #8

67c13ee26435baa607d3e8e2880e642f0ce3b213 authored over 10 years ago by dead_horse <[email protected]>
1.1.0

252e3838115ad617ea6e3d318b7bc11c680ecedc authored almost 11 years ago by Jonathan Ong <[email protected]>
Merge pull request #6 from dead-horse/middleware

add csrf middleware useage

d0e657ad2ee29dedd5fe315e3642e94bf10880fe authored almost 11 years ago by Jonathan Ong <[email protected]>
add csrf middleware useage

provide an easy way to hanlde csrf just like conenct.

```
var csrf = require('koa-csrf')
app.us...

c23a799f3f86f1ea518dbc04ab267c089733af92 authored almost 11 years ago by dead_horse <[email protected]>
Merge pull request #5 from mikepb/patch-1

Salt function respects length argument.

e491284162ea4d761feb11138fefb9d72bd01a82 authored almost 11 years ago by Jonathan Ong <[email protected]>
Salt function respects length argument.

81cfe4527dc0b2082652d8d7d191cc44cf9f5f90 authored almost 11 years ago by Michael Phan-Ba <[email protected]>
1.0.1

0667e9205df90a192e58b3106665f824dac162b2 authored almost 11 years ago by Jonathan Ong <[email protected]>
change delimiter from ; to -

4cd36fb4b3b73f44751d7705f6dccfb69a8f50b8 authored almost 11 years ago by Jonathan Ong <[email protected]>
1.0.0

2dc97c984b43c5c4d3f51d29956d897854ca15c6 authored about 11 years ago by Jonathan Ong <[email protected]>
this.session.secret

b9d0932a47cecf3adb4b7bd94db4be5546b11473 authored about 11 years ago by Jonathan Ong <[email protected]>
.error() -> .throw()

a13b6f4e5cc0c7acc006eed7056a55c762e8d76a authored about 11 years ago by Jonathan Ong <[email protected]>
aliases. closes #2

8c11ac76e9fc641fb0b34f7a2fd99cfd39645812 authored about 11 years ago by Jonathan Ong <[email protected]>
simplify body check

26e050f61a4a0262105c1bb297f31cf3014994f3 authored about 11 years ago by Jonathan Ong <[email protected]>
0.1.0

6ce198bdc1f8d0eccf007221d0d9075cb266b332 authored about 11 years ago by Jonathan Ong <[email protected]>
wooo tests!!!

ff0e34e06d61e324776dfe62fdb8ad118a1fe104 authored about 11 years ago by Jonathan Ong <[email protected]>