Merge pull request #2315 from sch00lb0y/master

issue no:#2261 fix for xsrf panic error

Merge pull request #2315 from sch00lb0y/master
issue no:#2261 fix for xsrf panic error
f0b95c55 · astaxie · GitHub · 720c323e · ce677202 · f0b95c55
Commit f0b95c55 authored May 19, 2017 by astaxie Committed by GitHub May 19, 2017
Hide whitespace changes
Inline Side-by-side

Showing with 26 additions and 0 deletions

error.go error.go +24 -0

hooks.go hooks.go +2 -0

No files found.
--- a/error.go
+++ b/error.go
@@ -252,6 +252,30 @@ func forbidden(rw http.ResponseWriter, r *http.Request) {
 	)
 }

+// show 422 missing xsrf token
+func missingxsrf(rw http.ResponseWriter, r *http.Request) {
+	responseError(rw, r,
+		422,
+		"<br>The page you have requested is forbidden."+
+			"<br>Perhaps you are here because:"+
+			"<br><br><ul>"+
+			"<br>'_xsrf' argument missing from POST"+
+			"</ul>",
+	)
+}
+
+// show 417 invalid xsrf token
+func invalidxsrf(rw http.ResponseWriter, r *http.Request) {
+	responseError(rw, r,
+		417,
+		"<br>The page you have requested is forbidden."+
+			"<br>Perhaps you are here because:"+
+			"<br><br><ul>"+
+			"<br>expected XSRF not found"+
+			"</ul>",
+	)
+}
+
 // show 404 not found error.
 func notFound(rw http.ResponseWriter, r *http.Request) {
 	responseError(rw, r,

--- a/hooks.go
+++ b/hooks.go
@@ -32,6 +32,8 @@ func registerDefaultErrorHandler() error {
 		"502": badGateway,
 		"503": serviceUnavailable,
 		"504": gatewayTimeout,
+		"417": invalidxsrf,
+		"422": missingxsrf,
 	}
 	for e, h := range m {
 		if _, ok := ErrorMaps[e]; !ok {