24 lines
685 B
Go
24 lines
685 B
Go
package http
|
|
|
|
import (
|
|
"Moonshark/core/logger"
|
|
"Moonshark/core/utils"
|
|
|
|
"github.com/valyala/fasthttp"
|
|
)
|
|
|
|
// HandleCSRFError handles a CSRF validation error
|
|
func HandleCSRFError(ctx *fasthttp.RequestCtx, errorConfig utils.ErrorPageConfig) {
|
|
method := string(ctx.Method())
|
|
path := string(ctx.Path())
|
|
|
|
logger.Warning("CSRF validation failed for %s %s", method, path)
|
|
|
|
ctx.SetContentType("text/html; charset=utf-8")
|
|
ctx.SetStatusCode(fasthttp.StatusForbidden)
|
|
|
|
errorMsg := "Invalid or missing CSRF token. This could be due to an expired form or a cross-site request forgery attempt."
|
|
errorHTML := utils.ForbiddenPage(errorConfig, path, errorMsg)
|
|
ctx.SetBody([]byte(errorHTML))
|
|
}
|