added extra logging for debugging CSRF issues

zadam
2019-05-29 23:13:15 +02:00
parent 012a18be00
commit 0a0cac5f41
2 changed files with 17 additions and 1 deletions


@@ -67,6 +67,18 @@ require('./routes/routes').register(app);
require('./routes/custom').register(app);
app.use((err, req, res, next) => {
if (err.code !== 'EBADCSRFTOKEN') {
return next(err);
}
log.error(`Invalid CSRF token: ${req.headers['x-csrf-token']}, secret: ${req.cookies['_csrf']}`);
err = new Error('Invalid CSRF token');
err.status = 403;
next(err);
});
// catch 404 and forward to error handler
app.use((req, res, next) => {
const err = new Error('Router not found for request ' + req.url);
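Review bot: The new `log.error` call in the `EBADCSRFTOKEN` handler writes both the submitted `x-csrf-token` header and the `_csrf` cookie into the application log, and the message itself labels the cookie as the secret. Anyone with read access to the log files or to a log shipping target then sees the material the CSRF check is built on, and the client-supplied header is recorded verbatim. For debugging it should be enough to record whether each value arrived and how long it was, e.g. `log.error(`Invalid CSRF token: header ${req.headers['x-csrf-token'] ? 'present' : 'missing'}, secret cookie ${req.cookies && req.cookies['_csrf'] ? 'present' : 'missing'}`);`. If the raw values really are needed for a short investigation, put them behind an explicit debug flag and add a comment saying the line must be removed afterwards. The 404 handler that follows the added block continues past the visible lines.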