Skip to content
Projects
Groups
Snippets
Help
Loading...
Sign in
Toggle navigation
B
beego
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Commits
Issue Boards
Open sidebar
go
beego
Commits
c4edc134
Commit
c4edc134
authored
Sep 28, 2013
by
astaxie
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
fix #230
parent
1eb87c5c
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
14 additions
and
10 deletions
+14
-10
controller.go
controller.go
+14
-10
No files found.
controller.go
View file @
c4edc134
...
@@ -326,15 +326,11 @@ func (c *Controller) GetSecureCookie(Secret, key string) (string, bool) {
...
@@ -326,15 +326,11 @@ func (c *Controller) GetSecureCookie(Secret, key string) (string, bool) {
if
fmt
.
Sprintf
(
"%02x"
,
h
.
Sum
(
nil
))
!=
sig
{
if
fmt
.
Sprintf
(
"%02x"
,
h
.
Sum
(
nil
))
!=
sig
{
return
""
,
false
return
""
,
false
}
}
res
,
_
:=
base64
.
URLEncoding
.
DecodeString
(
vs
)
buf
:=
bytes
.
NewBufferString
(
val
)
encoder
:=
base64
.
NewDecoder
(
base64
.
StdEncoding
,
buf
)
res
,
_
:=
ioutil
.
ReadAll
(
encoder
)
return
string
(
res
),
true
return
string
(
res
),
true
}
}
func
(
c
*
Controller
)
SetSecureCookie
(
Secret
,
name
,
val
string
,
age
int
)
{
func
(
c
*
Controller
)
SetSecureCookie
(
Secret
,
name
,
val
string
,
age
int
64
)
{
vs
:=
base64
.
URLEncoding
.
EncodeToString
([]
byte
(
val
))
vs
:=
base64
.
URLEncoding
.
EncodeToString
([]
byte
(
val
))
timestamp
:=
strconv
.
FormatInt
(
time
.
Now
()
.
UnixNano
(),
10
)
timestamp
:=
strconv
.
FormatInt
(
time
.
Now
()
.
UnixNano
(),
10
)
h
:=
hmac
.
New
(
sha1
.
New
,
[]
byte
(
Secret
))
h
:=
hmac
.
New
(
sha1
.
New
,
[]
byte
(
Secret
))
...
@@ -348,11 +344,11 @@ func (c *Controller) XsrfToken() string {
...
@@ -348,11 +344,11 @@ func (c *Controller) XsrfToken() string {
if
c
.
_xsrf_token
==
""
{
if
c
.
_xsrf_token
==
""
{
token
,
ok
:=
c
.
GetSecureCookie
(
XSRFKEY
,
"_xsrf"
)
token
,
ok
:=
c
.
GetSecureCookie
(
XSRFKEY
,
"_xsrf"
)
if
!
ok
{
if
!
ok
{
expire
:=
0
var
expire
int64
if
c
.
XSRFExpire
>
0
{
if
c
.
XSRFExpire
>
0
{
expire
=
c
.
XSRFExpire
expire
=
int64
(
c
.
XSRFExpire
)
}
else
{
}
else
{
expire
=
XSRFExpire
expire
=
int64
(
XSRFExpire
)
}
}
token
=
GetRandomString
(
15
)
token
=
GetRandomString
(
15
)
c
.
SetSecureCookie
(
XSRFKEY
,
"_xsrf"
,
token
,
expire
)
c
.
SetSecureCookie
(
XSRFKEY
,
"_xsrf"
,
token
,
expire
)
...
@@ -379,8 +375,16 @@ func (c *Controller) CheckXsrfCookie() bool {
...
@@ -379,8 +375,16 @@ func (c *Controller) CheckXsrfCookie() bool {
}
}
func
(
c
*
Controller
)
XsrfFormHtml
()
string
{
func
(
c
*
Controller
)
XsrfFormHtml
()
string
{
var
expire
int64
if
c
.
XSRFExpire
>
0
{
expire
=
int64
(
c
.
XSRFExpire
)
}
else
{
expire
=
int64
(
XSRFExpire
)
}
token
:=
GetRandomString
(
15
)
c
.
SetSecureCookie
(
XSRFKEY
,
"_xsrf"
,
token
,
expire
)
return
"<input type=
\"
hidden
\"
name=
\"
_xsrf
\"
value=
\"
"
+
return
"<input type=
\"
hidden
\"
name=
\"
_xsrf
\"
value=
\"
"
+
c
.
_xsrf_
token
+
"
\"
/>"
token
+
"
\"
/>"
}
}
func
(
c
*
Controller
)
GoToFunc
(
funcname
string
)
{
func
(
c
*
Controller
)
GoToFunc
(
funcname
string
)
{
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment