MCPcopy
hub / github.com/gofiber/fiber / New

Function New

middleware/csrf/csrf.go:56–230  ·  view source on GitHub ↗

New creates a new middleware handler

(config ...Config)

Source from the content-addressed store, hash-verified

54
55// New creates a new middleware handler
56func New(config ...Config) fiber.Handler {
57 registerLogContextTagsOnce.Do(registerLogContextTags)
58
59 // Set default config
60 cfg := configDefault(config...)
61
62 redactKeys := !cfg.DisableValueRedaction
63
64 maskValue := func(value string) string {
65 if redactKeys {
66 return redactedKey
67 }
68 return value
69 }
70
71 // Create manager to simplify storage operations ( see *_manager.go )
72 var sessionManager *sessionManager
73 var storageManager *storageManager
74 if cfg.Session != nil {
75 sessionManager = newSessionManager(cfg.Session)
76 } else {
77 storageManager = newStorageManager(cfg.Storage, redactKeys)
78 }
79
80 // Pre-parse trusted origins
81 trustedOrigins := []string{}
82 trustedSubOrigins := []subdomain{}
83
84 for _, origin := range cfg.TrustedOrigins {
85 trimmedOrigin := utils.TrimSpace(origin)
86 if i := strings.Index(trimmedOrigin, "://*."); i != -1 {
87 withoutWildcard := trimmedOrigin[:i+len("://")] + trimmedOrigin[i+len("://*."):]
88 isValid, normalizedOrigin := normalizeOrigin(withoutWildcard)
89 if !isValid {
90 panic("[CSRF] Invalid origin format in configuration:" + maskValue(origin))
91 }
92 schemeSep := strings.Index(normalizedOrigin, "://") + len("://")
93 sd := subdomain{prefix: normalizedOrigin[:schemeSep], suffix: normalizedOrigin[schemeSep:]}
94 trustedSubOrigins = append(trustedSubOrigins, sd)
95 } else {
96 isValid, normalizedOrigin := normalizeOrigin(trimmedOrigin)
97 if !isValid {
98 panic("[CSRF] Invalid origin format in configuration:" + maskValue(origin))
99 }
100 trustedOrigins = append(trustedOrigins, normalizedOrigin)
101 }
102 }
103
104 // Create the handler outside of the returned function
105 handler := &Handler{
106 config: cfg,
107 sessionManager: sessionManager,
108 storageManager: storageManager,
109 }
110
111 // Return new handler
112 return func(c fiber.Ctx) error {
113 // Don't execute middleware if Next returns true

Calls 15

newSessionManagerFunction · 0.85
newStorageManagerFunction · 0.85
getRawFromStorageFunction · 0.85
validateSecFetchSiteFunction · 0.85
originMatchesHostFunction · 0.85
refererMatchesHostFunction · 0.85
compareStringsFunction · 0.85
expireCSRFCookieFunction · 0.85
deleteTokenFromStorageFunction · 0.85
updateCSRFCookieFunction · 0.85
ErrorHandlerMethod · 0.80