Bob Farrell 6e6f1bec1b Closes #108: Anti-CSRF middleware
Add to middleware in app's `src/main.zig`:

```zig
pub const jetzig_options = struct {
    pub const middleware: []const type = &.{
        jetzig.middleware.AntiCsrfMiddleware,
    };
};
```

CSRF token available in Zmpl templates:

```
{{context.authenticityToken()}}
```

or render a hidden form element:

```
{{context.authenticityFormElement()}}
```

The following HTML requests are rejected (403 Forbidden) if the
submitted query param does not match the value stored in the encrypted
session (added automatically when the token is generated for a template
value):

* POST
* PUT
* PATCH
* DELETE

JSON requests are not impacted - users should either disable JSON
endpoints or implement a different authentication method to protect
them.
2024-11-23 12:49:49 +00:00
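
The decision the commit message describes, as an added sketch for reviewing an app's exposure; it is not code from the Jetzig repository. All type and function names are hypothetical, and both the constant-time comparison and the rejection of a missing session token are assumptions of this sketch, not confirmed middleware behaviour.

```zig
const std = @import("std");

// Hypothetical names for this sketch; none of them are Jetzig's API.
const Method = enum { GET, HEAD, POST, PUT, PATCH, DELETE };
const Format = enum { html, json };
const Verdict = enum { allow, forbidden };

/// Length-checked compare that does not stop at the first differing byte
/// (a choice made for this sketch).
fn constantTimeEql(a: []const u8, b: []const u8) bool {
    if (a.len != b.len) return false;
    var diff: u8 = 0;
    for (a, b) |x, y| diff |= x ^ y;
    return diff == 0;
}

/// `session_token` is the value held in the encrypted session (null when no
/// token was ever generated); `submitted` is the token param sent with the
/// request (null when absent).
fn checkAuthenticity(
    method: Method,
    format: Format,
    session_token: ?[]const u8,
    submitted: ?[]const u8,
) Verdict {
    // JSON requests are not checked, so they need their own protection.
    if (format == .json) return .allow;
    switch (method) {
        .POST, .PUT, .PATCH, .DELETE => {},
        else => return .allow, // GET, HEAD: nothing to verify
    }
    // Assumption: a missing or empty token on either side is a rejection.
    const expected = session_token orelse return .forbidden;
    const actual = submitted orelse return .forbidden;
    if (expected.len == 0) return .forbidden;
    return if (constantTimeEql(expected, actual)) .allow else .forbidden;
}

test "anti-CSRF decision table (constructed sample values)" {
    const token: []const u8 = "constructed-sample-token";
    const forged: []const u8 = "constructed-forged-value";
    try std.testing.expectEqual(Verdict.allow, checkAuthenticity(.GET, .html, null, null));
    try std.testing.expectEqual(Verdict.allow, checkAuthenticity(.POST, .html, token, token));
    try std.testing.expectEqual(Verdict.forbidden, checkAuthenticity(.POST, .html, token, forged));
    try std.testing.expectEqual(Verdict.forbidden, checkAuthenticity(.DELETE, .html, token, null));
    try std.testing.expectEqual(Verdict.forbidden, checkAuthenticity(.PATCH, .html, null, token));
    // The gap the commit message warns about: JSON passes with no token.
    try std.testing.expectEqual(Verdict.allow, checkAuthenticity(.POST, .json, null, null));
}
```

Saved to a file, the decision table runs with `zig test`; the last case is the one to audit for in an app that exposes JSON endpoints alongside session cookies.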

Jetzig is a web framework written in 100% pure Zig 🦎 for Linux, OS X, Windows, and any OS that can compile Zig code.

Official website: jetzig.dev

Jetzig aims to provide a rich set of user-friendly tools for building modern web applications quickly. See the checklist below.

Join us on Discord: https://discord.gg/eufqssz7X6

If you are interested in Jetzig you will probably find these tools interesting too:

Checklist

  • File system-based routing with [slug] matching.
  • HTML and JSON response (inferred from extension and/or Accept header).
  • JSON-compatible response data builder.
  • HTML templating (see Zmpl).
  • Per-request arena allocator.
  • Sessions.
  • Cookies.
  • Error handling.
  • Static content from /public directory.
  • Request/response headers.
  • Stack trace output on error.
  • Static content generation.
  • Param/JSON payload parsing/abstracting.
  • Static content parameter definitions.
  • Middleware interface.
  • MIME type inference.
  • Email delivery.
  • Background jobs.
  • General-purpose cache.
  • Development server auto-reload.
  • Testing helpers for testing HTTP requests/responses.
  • Custom/non-conventional routes.
  • Database integration.
  • Environment configurations (development/production/etc.)
  • Email receipt (via SendGrid/AWS SES/etc.)

LICENSE

MIT
