| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
<!--
For Work In Progress Pull Requests, please use the Draft PR feature,
see https://github.blog/2019-02-14-introducing-draft-pull-requests/ for
further details.
For a timely review/response, please avoid force-pushing additional
commits if your PR already received reviews or comments.
Before submitting a Pull Request, please ensure that you have:
- 📖 Read the Contributing guide:
https://github.com/gorilla/.github/blob/main/CONTRIBUTING.md
- 📖 Read the Code of Conduct:
https://github.com/gorilla/.github/blob/main/CODE_OF_CONDUCT.md
- Provide tests for your changes.
- Use descriptive commit messages.
- Comment your code where appropriate.
- Squash your commits
- Update any related documentation.
- Add gorilla/pull-request-reviewers as a Reviewer
-->
## What type of PR is this? (check all applicable)
- [ ] Refactor
- [ ] Feature
- [ ] Bug Fix
- [x] Optimization
- [ ] Documentation Update
## Description
## Related Tickets & Documents
<!--
For pull requests that relate or close an issue, please include them
below. We like to follow [Github's guidance on linking issues to pull
requests](https://docs.github.com/en/issues/tracking-your-work-with-issues/linking-a-pull-request-to-an-issue).
For example having the text: "closes #1234" would connect the current
pull
request to issue 1234. And when we merge the pull request, Github will
automatically close the issue.
-->
- Related Issue #
- Closes #
## Added/updated tests?
- [ ] Yes
- [ ] No, and this is why: _please replace this line with details on why
tests
have not been included_
- [ ] I need help with writing tests
## Run verifications and test
- [ ] `make verify` is passing
- [ ] `make test` is passing
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Unshortened the links in the docs because
1. goo.gl is a deprecated service
2. being able to see the actual link is more verbose thus more useful
inside of docs
Co-authored-by: Corey Daley <cdaley@redhat.com>
|
| | |\
| | |
| | | |
Update README.md
|
| | |/
| |
| | |
Signed-off-by: Corey Daley <cdaley@redhat.com>
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| | |
* Include an example for using DecodeMulti in the Readme
* Put warning in as code comment
|
| | |
| |
| | |
The AES block size is always the same, it's the key size that selects AES-128, AES-192, or AES-256.
|
| | |
| |
| |
| |
| |
| | |
* Create config.yml
* Delete .travis.yml
|
| | |\
| | |
| | | |
github: remove false-match for language detection
|
| | |/ |
|
| | |\
| | |
| | | |
[docs] Clarify usage of GenerateRandomKey
|
| | | | |
|
| | | | |
|
| | |/ |
|
| | | |
|
| | | |
|
| | |
| |
| |
| | |
this scenario might occur when converting from an empty string to
byte slice, such as when reading from a configuration file.
|
| | | |
|
| | | |
|
| |/ |
|
| | |
|
| |
|
|
| |
* Fixes #41
|
| | |
|
| | |
|
| |\
| |
| | |
Update Readme: Added HttpOnly, Secure flags for setting the cookie
|
| |/ |
|
| |\ |
|
| | |\
| | |
| | | |
[feature] NopEncoder: accept/return []byte.
|
| | |/
| |
| |
| | |
- [docs] Update doc.go for golint.
|
| |/ |
|
| |\
| |
| | |
[ci] Update .travis.yml to build Go 1.6
|
| |/ |
|
| |\
| |
| | |
Reverts d8773d3 - backports len check for subtle.ConstantTimeCompare.
|
| |/ |
|
| | |
|
| | |
|
| |\
| |
| | |
Improved documentation for GenerateRandomKey
|
| | | |
|
| |/ |
|
| | |
|
| |\
| |
| | |
Improved documentation for CodecsFromPairs.
|
| |/
|
|
|
|
|
| |
- Partially addresses https://github.com/gorilla/sessions/issues/48
- Downstream store packages will need to perform the type assertion in their code
- Elected to document this and fix stores rather than add a function to the
public API.
|
| |\
| |
| | |
Update block key lengths in README
|
| | | |
|
| |\ \
| |/
|/| |
Make errors more distinguishable
|
| | |
| |
| |
| |
| | |
Per elithrar comment on PR 28:
https://github.com/gorilla/securecookie/pull/28#discussion_r35059831
|
| | |
| |
| |
| |
| | |
Per elithrar comment on PR 28:
https://github.com/gorilla/securecookie/pull/28#discussion_r35059597
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Prior to this commit, this library raised errors either mostly using
errors.New() or directly passing through error values from underlying
libraries. This made it difficult for clients to respond correctly to
the errors that were returned.
This becomes particularly problematic when securecookie is used together
with gorilla/sessions. From an operations standpoint, you often want to
log different errors when the client simply provides an invalid auth
cookie, versus an I/O error fetching data from the session store. The
former probably indicates an expired timestamp or similar client error;
the latter indicates a possible failure in a backend database.
This commit introduces a public Error interface, which is now returned
consistently on all errors, and can be used to distinguish between
implementation errors (IsUsage() and IsInternal()) and failed validation
of user input (IsDecode()).
See also discussion on pull requests #9 and #24:
https://github.com/gorilla/securecookie/pull/9
https://github.com/gorilla/securecookie/pull/24
Some interface comments on other API functions have been clarified and
updated to harmonize with the new error interfaces.
|
