Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix #68: Add the CsrfHeaderMiddleware middleware to use custom HTTP header to prevent forgery of requests, add the CsrfMiddleware::withSafeMethods() method to configure a custom safe HTTP methods list #68

Merged
merged 22 commits into from
Nov 14, 2024
Merged

Fix #68: Add the CsrfHeaderMiddleware middleware to use custom HTTP header to prevent forgery of requests, add the CsrfMiddleware::withSafeMethods() method to configure a custom safe HTTP methods list #68

merged 22 commits into from
Nov 14, 2024

Conversation

olegbaturin
Copy link
Contributor

@olegbaturin olegbaturin commented Sep 27, 2024
edited
Loading

Q A
Is bugfix?
New feature? ✔️
Breaks BC?

#65

Added new CsrfHeaderMiddleware
Added new method CsrfMiddleware::withSafeMethods()

@codecov Codecov
Copy link

codecov bot commented Sep 27, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 100.00%. Comparing base (5d18903) to head (0f6022f).
Report is 14 commits behind head on master.

Additional details and impacted files 
@@             Coverage Diff             @@
##              master       #68   +/-   ##
===========================================
  Coverage     100.00%   100.00%           
- Complexity        47        72   +25     
===========================================
  Files              8        10    +2     
  Lines            128       201   +73     
===========================================
+ Hits             128       201   +73

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@samdark samdark marked this pull request as draft September 27, 2024 17:39
@olegbaturin olegbaturin marked this pull request as ready for review October 21, 2024 06:53
samdark
samdark approved these changes Oct 26, 2024
View reviewed changes
CHANGELOG.md Outdated Show resolved Hide resolved
CHANGELOG.md Outdated Show resolved Hide resolved
README.md Outdated Show resolved Hide resolved
README.md Outdated Show resolved Hide resolved
README.md Outdated Show resolved Hide resolved
README.md Outdated Show resolved Hide resolved
README.md Outdated Show resolved Hide resolved
README.md Outdated Show resolved Hide resolved
README.md Outdated Show resolved Hide resolved
src/CsrfHeaderMiddleware.php Outdated Show resolved Hide resolved
@samdark samdark requested a review from a team October 26, 2024 21:54
vjik
vjik requested changes Oct 27, 2024
View reviewed changes
src/CsrfMiddleware.php Outdated Show resolved Hide resolved
src/CsrfHeaderMiddleware.php Show resolved Hide resolved
src/CsrfHeaderMiddleware.php Show resolved Hide resolved
src/CsrfHeaderMiddleware.php Outdated Show resolved Hide resolved
@olegbaturin olegbaturin requested a review from vjik October 28, 2024 07:55
vjik
vjik approved these changes Nov 2, 2024
View reviewed changes
README.md Outdated Show resolved Hide resolved
README.md Outdated Show resolved Hide resolved
@vjik vjik requested a review from samdark November 2, 2024 07:43
samdark
samdark requested changes Nov 7, 2024
View reviewed changes
README.md Outdated Show resolved Hide resolved
README.md Outdated Show resolved Hide resolved
README.md Outdated Show resolved Hide resolved
README.md Outdated Show resolved Hide resolved
README.md Show resolved Hide resolved
README.md Show resolved Hide resolved
README.md Outdated Show resolved Hide resolved
README.md Outdated Show resolved Hide resolved
src/CsrfHeaderMiddleware.php Show resolved Hide resolved
src/CsrfMiddleware.php Show resolved Hide resolved
@samdark
Copy link
Member

samdark commented Nov 7, 2024

Thanks for a pull request. I've left some comments. Also, tests are currently failing. Needs fixing.

@olegbaturin
Copy link
Contributor Author

Please check the readme with some links to the used yii packages.

samdark
samdark requested changes Nov 11, 2024
View reviewed changes
README.md Outdated Show resolved Hide resolved
README.md Outdated Show resolved Hide resolved
README.md Outdated Show resolved Hide resolved
README.md Outdated Show resolved Hide resolved
README.md Outdated Show resolved Hide resolved
@samdark samdark changed the title added CsrfHeaderMiddleware Fix #68: Add the CsrfHeaderMiddleware middleware to use custom HTTP header to prevent forgery of requests, add the CsrfMiddleware::withSafeMethods() method to configure a custom safe HTTP methods list Nov 14, 2024
@samdark samdark merged commit 962b006 into yiisoft:master Nov 14, 2024
26 checks passed
@samdark
Copy link
Member

samdark commented Nov 14, 2024

Thank you!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vjik vjik vjik approved these changes

@samdark samdark samdark approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@olegbaturin @samdark @vjik