Patrick
/
Stundenaufzeichnung
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

revert 2fb4f8ac98 

revert added log statement to csrf validation
This commit is contained in:
Patrick 2025-08-02 16:12:53 +02:00
parent f56b707cb7
commit 7d1e6b9451
1 changed files with 0 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/lib/server/csrf.ts
View File

@ -5,8 +5,6 @@
import type { Handle } from '@sveltejs/kit'; import type { Handle } from '@sveltejs/kit';
import { json, text } from '@sveltejs/kit'; import { json, text } from '@sveltejs/kit';
import Logs from "$lib/server/log"
/** /**
* CSRF protection middleware for SvelteKit. * CSRF protection middleware for SvelteKit.
* *
@ -30,8 +28,6 @@ export function csrf(allowedPaths: string[], allowedOrigins: string[] = []): Han
!allowedPaths.includes(url.pathname); // Path is not explicitly allowed !allowedPaths.includes(url.pathname); // Path is not explicitly allowed
if (forbidden) { if (forbidden) {
Logs.route.warn("Blocked request due to csrf violation")
const message = `Cross-site ${request.method} form submissions are forbidden`; const message = `Cross-site ${request.method} form submissions are forbidden`;
if (request.headers.get('accept') === 'application/json') { if (request.headers.get('accept') === 'application/json') {
return json({ message }, { status: 403 }); return json({ message }, { status: 403 });