Skip to content

Instantly share code, notes, and snippets.

Created Mar 29, 2019
What would you like to do?
const cookieParser = require('cookie-parser');
const csrf = require('csurf');
const bodyParser = require('body-parser');
const express = require('express');
const csrfProtection = csrf({ cookie: true });
const parseForm = bodyParser.urlencoded({ extended: false });
const app = express();
// parse cookies
// we need this because "cookie" is true in csrfProtection
app.get('/form', csrfProtection, function (req, res) {
// pass the csrfToken to the view
res.render('send', { csrfToken: req.csrfToken() })
})'/process', parseForm, csrfProtection, function (req, res) {
res.send('data is being processed')
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment