Mitigate CSRF attacks (#206)

Marcus Wichelmann 2022-07-14 08:36:47 +02:00 committed by GitHub
parent 97652be545
commit 031d2cb7e8
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 47 additions and 33 deletions

19
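--- a/handler/middlewares.go
+++ b/handler/middlewares.go
@@ -0,0 +1,19 @@
+package handler
+import (
+"github.com/labstack/echo/v4"
+"net/http"
+)
+// ContentTypeJson checks that the requests have the Content-Type header set to "application/json".
+// This helps against CSRF attacks.
+func ContentTypeJson(next echo.HandlerFunc) echo.HandlerFunc {
+return func(c echo.Context) error {
+contentType := c.Request().Header.Get("Content-Type")
+if contentType != "application/json" {
+return c.JSON(http.StatusBadRequest, jsonHTTPResponse{false, "Only JSON allowed"})
+}
+return next(c)
+}
+}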
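Review bot: The exact comparison `contentType != "application/json"` in ContentTypeJson also rejects legitimate requests that send `application/json; charset=utf-8`, so clients that add a charset parameter will get a 400. Parsing the header keeps the check strict on the media type while tolerating parameters: `mediaType, _, err := mime.ParseMediaType(c.Request().Header.Get("Content-Type"))` followed by `if err != nil || mediaType != "application/json" {` (this needs the `mime` import). The doc comment should state the assumption the mitigation rests on, for example `// Browsers cannot send this Content-Type cross-origin without a CORS preflight, so this only helps while the CORS policy does not allow foreign origins.` Where the middleware is registered is not visible in this file, so it is worth confirming that every state-changing route is wrapped by it. As a style point, Go initialisms are kept upper-case (`ContentTypeJSON`), and `http.StatusUnsupportedMediaType` describes this rejection more precisely than 400.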