rancher/norman
1
0
Fork 0
mirror of https://github.com/rancher/norman.git synced 2025-09-05 09:10:31 +00:00
Code Issues Releases Wiki Activity

updated cookie token size

Browse Source
This commit is contained in:
Kevin Joiner
2022-06-09 11:34:57 -04:00
parent 82478fb169
commit bbb7a54593
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
api/validate.go
View File

@@ -52,7 +52,8 @@ func CheckCSRF(apiContext *types.APIContext) error {
cookie, err := apiContext.Request.Cookie(csrfCookie) cookie, err := apiContext.Request.Cookie(csrfCookie)
if err == http.ErrNoCookie { if err == http.ErrNoCookie {
bytes := make([]byte, 5) // 16 bytes = 32 Hex Char = 128 bit entropy
bytes := make([]byte, 16)
_, err := rand.Read(bytes) _, err := rand.Read(bytes)
if err != nil { if err != nil {
return httperror.WrapAPIError(err, httperror.ServerError, "Failed in CSRF processing") return httperror.WrapAPIError(err, httperror.ServerError, "Failed in CSRF processing")