gorilla/csrf v1.6.1 Release Notes
Release Date: 2019-08-26 // over 4 years ago-
Notable Changes
๐ ๐ This release introduces the
TrustedOrigins
option, which allows a user to explicitly trust specific Referers. This simplifies the use of this library when the backend domain (issuing the cookie) does not match the front-end domain, such as in Single Page Application architectures.๐ ๐ This release also fixes a regression to applying the default cookie MaxAge (cookies were only session cookies). This would typically have been unnoticed by most users as the CSRF middleware resets the cookie on each request.
๐ CHANGELOG