Issue opened for the creation of a wiki page that summarizes the doubts and problems for newbies (#52).
Writing #52 I had a doubt:
I need to use surfing.SetBaseCookie(http.Cookie{Path: "/"})?
I don't know if many csrf cookies makes sense if I have these routes:
- "/"
- "/login" - server rendered html form with csrf
- "/logout" - just get which logouts
- "/api" - json api endpoint POST, GET, so it needs CSRF protection
- "/oldApiEndpoint"
Why nosurf keep creating cookies for these routes? I think I just need one cookie on the Path: "/" and Domain: ".mysite.com".
Where am I wrong?
Issue opened for the creation of a wiki page that summarizes the doubts and problems for newbies (#52).
Writing #52 I had a doubt:
I need to use
surfing.SetBaseCookie(http.Cookie{Path: "/"})?I don't know if many csrf cookies makes sense if I have these routes:
Why nosurf keep creating cookies for these routes? I think I just need one cookie on the Path: "/" and Domain: ".mysite.com".
Where am I wrong?