21 lines
671 B
Go
21 lines
671 B
Go
package http
|
|
|
|
import (
|
|
"net/http"
|
|
|
|
"git.sharkk.net/Sky/Moonshark/core/logger"
|
|
"git.sharkk.net/Sky/Moonshark/core/utils"
|
|
)
|
|
|
|
// HandleCSRFError handles a CSRF validation error
|
|
func HandleCSRFError(w http.ResponseWriter, r *http.Request, errorConfig utils.ErrorPageConfig) {
|
|
logger.Warning("CSRF validation failed for %s %s", r.Method, r.URL.Path)
|
|
|
|
w.Header().Set("Content-Type", "text/html; charset=utf-8")
|
|
w.WriteHeader(http.StatusForbidden)
|
|
|
|
errorMsg := "Invalid or missing CSRF token. This could be due to an expired form or a cross-site request forgery attempt."
|
|
errorHTML := utils.ForbiddenPage(errorConfig, r.URL.Path, errorMsg)
|
|
w.Write([]byte(errorHTML))
|
|
}
|