cristiancmoises
/
gophish
mirror of https://github.com/gophish/gophish
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fixing CSRF Exceptions

pull/64/head
Jordan Wright 2015-10-03 15:55:06 -05:00
parent 906c4e8a93
commit 47619a8426
1 changed files with 9 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
controllers/route.go
View File

@ -57,11 +57,15 @@ func CreateAdminRouter() http.Handler {
// Setup CSRF Protection
csrfHandler := nosurf.New(router)
// Exempt API routes and Static files
csrfHandler.ExemptGlob("/api/campaigns*")
csrfHandler.ExemptGlob("/api/groups*")
csrfHandler.ExemptGlob("/api/templates*")
csrfHandler.ExemptGlob("/api/pages*")
csrfHandler.ExemptGlob("/api/import*")
csrfHandler.ExemptGlob("/api/campaigns")
csrfHandler.ExemptGlob("/api/campaigns/*")
csrfHandler.ExemptGlob("/api/groups")
csrfHandler.ExemptGlob("/api/groups/*")
csrfHandler.ExemptGlob("/api/templates")
csrfHandler.ExemptGlob("/api/templates/*")
csrfHandler.ExemptGlob("/api/pages")
csrfHandler.ExemptGlob("/api/pages/*")
csrfHandler.ExemptGlob("/api/import/*")
csrfHandler.ExemptGlob("/static/*")
return Use(csrfHandler.ServeHTTP, mid.GetContext)
}