csrf: able to set custom cookie name

Add new config option '[session] CSRF_COOKIE_NAME'.
8 years ago · 054e97d614
5 changed files with 9 additions and 6 deletions
--- a/conf/app.ini
+++ b/conf/app.ini
@ -250,6 +250,8 @@ ENABLE_SET_COOKIE = true
 GC_INTERVAL_TIME = 86400
 ; Session life time, default is 86400
 SESSION_LIFE_TIME = 86400
 ; Cookie name for CSRF
 CSRF_COOKIE_NAME = _csrf
 [picture]
 ; Path to store user uploaded avatars
--- a/gogs.go
+++ b/gogs.go
@ -16,7 +16,7 @@ import (
 	"github.com/gogits/gogs/modules/setting"
 )
-const APP_VER = "0.9.165.0222 / 0.10 RC"
+const APP_VER = "0.9.166.0222 / 0.10 RC"
 func init() {
 	setting.AppVer = APP_VER
--- a/modules/bindata/bindata.go
+++ b/modules/bindata/bindata.go
--- a/modules/setting/setting.go
+++ b/modules/setting/setting.go
@ -187,7 +187,7 @@ var (
 	// Session settings
 	SessionConfig  session.Options
-	CSRFCookieName = "_csrf"
+	CSRFCookieName string
 	// Cron tasks
 	Cron struct {
@ -744,6 +744,7 @@ func newSessionService() {
 	SessionConfig.Secure = Cfg.Section("session").Key("COOKIE_SECURE").MustBool()
 	SessionConfig.Gclifetime = Cfg.Section("session").Key("GC_INTERVAL_TIME").MustInt64(86400)
 	SessionConfig.Maxlifetime = Cfg.Section("session").Key("SESSION_LIFE_TIME").MustInt64(86400)
 	CSRFCookieName = Cfg.Section("session").Key("CSRF_COOKIE_NAME").MustString("_csrf")
 	log.Info("Session Service Enabled")
 }
--- a/templates/.VERSION
+++ b/templates/.VERSION
@ -1 +1 @@
-0.9.165.0222 / 0.10 RC
+0.9.166.0222 / 0.10 RC
		`@ -1 +1 @@`
			`0.9.165.0222 / 0.10 RC`				`0.9.166.0222 / 0.10 RC`