lfg2025/archy
1
0
Fork 0
Code Issues 9 Pull Requests Actions Packages Projects Releases 44 Wiki Activity
archy/core/archipelago
History
Dorian a7653d4c8b feat: implement CSRF protection on RPC layer 
Double-submit cookie pattern: backend generates csrf_token cookie on login
(non-HttpOnly so JS can read it), validates X-CSRF-Token header matches
cookie on all authenticated RPC calls. Returns 403 if missing/mismatched.
Frontend reads cookie and sends header automatically.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-11 00:46:52 +00:00
..
src
feat: implement CSRF protection on RPC layer
2026-03-11 00:46:52 +00:00
tests
test: add backend integration test scaffolding with 3 RPC tests
2026-03-10 23:51:22 +00:00
Cargo.toml
test: add backend integration test scaffolding with 3 RPC tests
2026-03-10 23:51:22 +00:00