mirror of https://github.com/golang/go.git
496 B
496 B
The new [CrossOriginProtection] implements protections against Cross-Site Request Forgery (CSRF) by rejecting non-safe cross-origin browser requests. It uses modern browser Fetch metadata, doesn't require tokens or cookies, and supports origin-based and pattern-based bypasses.