🩹 Fix: Add csrf_ to default encrypt cookie exception (#1631) (#1698)

gofiber · Jan 9, 2022 · 4f1a712 · 4f1a712
1 parent 48acc21
commit 4f1a712
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 3 deletions.
diff --git a/middleware/encryptcookie/README.md b/middleware/encryptcookie/README.md
@@ -64,7 +64,7 @@ type Config struct {
 
 	// Array of cookie keys that should not be encrypted.
 	//
-	// Optional. Default: []
+	// Optional. Default: ["csrf_"]
 	Except []string
 
 	// Base64 encoded unique key to encode & decode cookies.
@@ -94,4 +94,4 @@ type Config struct {
 app.Use(encryptcookie.New(encryptcookie.Config{
     Key: "secret-thirty-2-character-string",
 }))
-```
+```
diff --git a/middleware/encryptcookie/config.go b/middleware/encryptcookie/config.go
@@ -34,7 +34,7 @@ type Config struct {
 // ConfigDefault is the default config
 var ConfigDefault = Config{
 	Next:      nil,
-	Except:    make([]string, 0),
+	Except:    []string{"csrf_"},
 	Key:       "",
 	Encryptor: EncryptCookie,
 	Decryptor: DecryptCookie,