crumb - npm Package Compare versions

Comparing version 6.0.0 to 6.0.1


example/restful.js

@@ -27,3 +27,3 @@ 'use strict';

// return crumb if desired
return reply('{ "crumb": ' + request.plugins.crumb + ' }');
return reply({ crumb: request.plugins.crumb });
}
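Review bot: The comment above the `return reply(...)` line should say that the crumb now comes back as a JSON object with a `crumb` property. The old concatenation emitted the token without quotes, which is not valid JSON for a string value, so any client written against the old example was parsing the body by hand and will need to read the field instead. "return crumb if desired" does not tell a reader that the response shape changed.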

@@ -30,0 +30,0 @@ },

@@ -90,4 +90,4 @@ 'use strict';

if (settings.restful === false ||
(!request.route.settings.plugins._crumb || request.route.settings.plugins._crumb.restful === false)) {
const routeIsRestful = (request.route.settings.plugins._crumb && request.route.settings.plugins._crumb.restful === true);
if (!routeIsRestful && settings.restful === false ) {
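Review bot: In the new condition `if (!routeIsRestful && settings.restful === false )`, a route that sets `restful: false` can no longer opt out when `settings.restful` is true. The old check entered this branch whenever `request.route.settings.plugins._crumb.restful === false`; the new one also requires `settings.restful === false`. If a per-route opt-out is still meant to be supported, test the route value for `=== false` explicitly and let it take precedence over the global setting; if it is not, document that the route option can only turn restful mode on. Minor: `routeIsRestful` evaluates to `undefined` rather than `false` when `_crumb` is absent, and there is a stray space before the closing parenthesis.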

@@ -94,0 +94,0 @@ if (request.method !== 'post' ||

{
"name": "crumb",
"description": "CSRF crumb generation and validation plugin",
"version": "6.0.0",
"version": "6.0.1",
"repository": "git://github.com/hapijs/crumb",
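Review bot: The `"version": "6.0.1"` line marks this as a patch release, but the same diff changes which requests take the restful validation path and changes a test expectation from `'valid'` to a 403 status, so at least one request shape accepted under 6.0.0 is rejected under 6.0.1. Suggest stating that in the release notes so that consumers who pick up patch versions automatically know why previously working requests may start failing CSRF validation.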

@@ -6,0 +6,0 @@ "bugs": {

@@ -9,2 +9,8 @@ ![crumb Logo](https://raw.github.com/hapijs/crumb/master/images/crumb.png)

## What to Use Crumb for and When to Use It
Crumb is used to diminish CSRF attacks using a random unique token that is validated on the server side.
Crumb may be used whenever you want to prevent malicious code to execute system commands, that are performed by HTTP requests. For example, if users are able to publish code on your website, malicious code added by a user could force every other user who opens the page, to load and execute code from a third party website e.g. via an HTML image tag. With Crumb implemented into your hapi.js application, you are able to verify requests with unique tokens and prevent the execution of malicious requests.
## CORS
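Review bot: The new "What to Use Crumb for and When to Use It" text describes the wrong threat. "prevent malicious code to execute system commands" and the example of users publishing code on your own site describe content injection on the same origin, which a CSRF token does not stop, because script running on the origin can read the crumb and send it. Suggest rewording to say that crumb protects state-changing requests from being forged by another site using the victim's session, and that it is not a defense against injected script. The image-tag example is also misleading next to the `request.method !== 'post'` check visible in this diff, since an image tag issues a GET. The phrasing "to prevent malicious code to execute" needs a grammar pass as well.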

@@ -16,2 +22,4 @@

## Plugin Options

@@ -18,0 +26,0 @@

@@ -659,3 +659,3 @@ 'use strict';

expect(res12.result).to.equal('valid');
expect(res12.statusCode).to.equal(403);
done();
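Review bot: The `res12` check now asserts only `statusCode` and drops the assertion on `res12.result`, and nothing in the hunk says which configuration `res12` exercises. Since the flip from `'valid'` to 403 is the only visible record of the behavior change in this release, add a short comment naming the route and `restful` settings under test and why the request must now be rejected, and consider adding a companion case that still expects `'valid'` so both sides of the new condition are covered.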

@@ -662,0 +662,0 @@ });
