11 releases
0.4.0 | Jun 16, 2020 |
---|---|
0.3.1 | Jan 13, 2018 |
0.3.0 | Nov 19, 2017 |
0.2.2 |
|
0.0.13 | Mar 15, 2017 |
#8 in #csrf
37KB
675 lines
iron-csrf
CSRF protection for the Rust web framework Iron.
iron-csrf
uses either ChaCha20Poly1305 or AES-GCM to sign and verify timestamped
CSRF cookies and their accompanying tokens.
There is an example iron
server in the directory ./examples, and more
information can be found in the docs hosted at docs.rs.
A complete reference implementation can be found on
github.
Contributing
Please make all pull requests to the develop
branch.
Bugs
This project has a full disclosure policy on security related errors. Please treat these errors like all other bugs and file a public issue. Errors communicated via other channels will be immediately made public.
Legal
License
This work is licensed under the MIT license. See LICENSE for details.
Dependencies
~18MB
~342K SLoC