fiber Architecture Docs
Home / Function/ New() — fiber Function Reference

New() — fiber Function Reference

Architecture documentation for the New() function in csrf.go from the fiber codebase.

Function go FiberMiddleware Security calls 8

Entity Profile

Dependency Diagram

graph TD
  c524454a_687b_b78d_a451_724040543641["New()"]
  57b9eed3_6274_c073_f0db_e3c30b2a59fe["csrf.go"]
  c524454a_687b_b78d_a451_724040543641 -->|defined in| 57b9eed3_6274_c073_f0db_e3c30b2a59fe
  97fdc719_ea3c_26dd_8b1a_dfc224a8cd49["getRawFromStorage()"]
  c524454a_687b_b78d_a451_724040543641 -->|calls| 97fdc719_ea3c_26dd_8b1a_dfc224a8cd49
  9b825ced_c480_49aa_3be3_aaf1dc052ea3["validateSecFetchSite()"]
  c524454a_687b_b78d_a451_724040543641 -->|calls| 9b825ced_c480_49aa_3be3_aaf1dc052ea3
  24ad66d8_6fe0_d570_4d4c_a6f8875f7c69["originMatchesHost()"]
  c524454a_687b_b78d_a451_724040543641 -->|calls| 24ad66d8_6fe0_d570_4d4c_a6f8875f7c69
  8e520adf_724d_ccaf_25dc_1249dfbbf5bb["refererMatchesHost()"]
  c524454a_687b_b78d_a451_724040543641 -->|calls| 8e520adf_724d_ccaf_25dc_1249dfbbf5bb
  8f86bb5b_23e7_bcf2_9102_29c4d4ce5898["expireCSRFCookie()"]
  c524454a_687b_b78d_a451_724040543641 -->|calls| 8f86bb5b_23e7_bcf2_9102_29c4d4ce5898
  e1b0d803_02b8_700b_1db4_12c8038e8775["deleteTokenFromStorage()"]
  c524454a_687b_b78d_a451_724040543641 -->|calls| e1b0d803_02b8_700b_1db4_12c8038e8775
  09f204be_3064_6994_5216_1164d8d3f054["createOrExtendTokenInStorage()"]
  c524454a_687b_b78d_a451_724040543641 -->|calls| 09f204be_3064_6994_5216_1164d8d3f054
  a54cc94c_ec5f_7f46_d976_515ae08619ab["updateCSRFCookie()"]
  c524454a_687b_b78d_a451_724040543641 -->|calls| a54cc94c_ec5f_7f46_d976_515ae08619ab
  style c524454a_687b_b78d_a451_724040543641 fill:#6366f1,stroke:#818cf8,color:#fff

Relationship Graph

Source Code

middleware/csrf/csrf.go lines 48–220

func New(config ...Config) fiber.Handler {
	// Set default config
	cfg := configDefault(config...)

	redactKeys := !cfg.DisableValueRedaction

	maskValue := func(value string) string {
		if redactKeys {
			return redactedKey
		}
		return value
	}

	// Create manager to simplify storage operations ( see *_manager.go )
	var sessionManager *sessionManager
	var storageManager *storageManager
	if cfg.Session != nil {
		sessionManager = newSessionManager(cfg.Session)
	} else {
		storageManager = newStorageManager(cfg.Storage, redactKeys)
	}

	// Pre-parse trusted origins
	trustedOrigins := []string{}
	trustedSubOrigins := []subdomain{}

	for _, origin := range cfg.TrustedOrigins {
		trimmedOrigin := utils.TrimSpace(origin)
		if i := strings.Index(trimmedOrigin, "://*."); i != -1 {
			withoutWildcard := trimmedOrigin[:i+len("://")] + trimmedOrigin[i+len("://*."):]
			isValid, normalizedOrigin := normalizeOrigin(withoutWildcard)
			if !isValid {
				panic("[CSRF] Invalid origin format in configuration:" + maskValue(origin))
			}
			schemeSep := strings.Index(normalizedOrigin, "://") + len("://")
			sd := subdomain{prefix: normalizedOrigin[:schemeSep], suffix: normalizedOrigin[schemeSep:]}
			trustedSubOrigins = append(trustedSubOrigins, sd)
		} else {
			isValid, normalizedOrigin := normalizeOrigin(trimmedOrigin)
			if !isValid {
				panic("[CSRF] Invalid origin format in configuration:" + maskValue(origin))
			}
			trustedOrigins = append(trustedOrigins, normalizedOrigin)
		}
	}

	// Create the handler outside of the returned function
	handler := &Handler{
		config:         cfg,
		sessionManager: sessionManager,
		storageManager: storageManager,
	}

	// Return new handler
	return func(c fiber.Ctx) error {
		// Don't execute middleware if Next returns true
		if cfg.Next != nil && cfg.Next(c) {
			return c.Next()
		}

		// Store the CSRF handler in the context
		c.Locals(handlerKey, handler)

		var token string

		// Action depends on the HTTP method
		switch c.Method() {
		case fiber.MethodGet, fiber.MethodHead, fiber.MethodOptions, fiber.MethodTrace:
			cookieToken := c.Cookies(cfg.CookieName)

			if cookieToken != "" {
				raw, err := getRawFromStorage(c, cookieToken, &cfg, sessionManager, storageManager)
				if err != nil {
					return cfg.ErrorHandler(c, err)
				}

				if raw != nil {
					token = cookieToken // Token is valid, safe to set it
				}
			}
		default:

Domain

Subdomains

Defined In

Calls

Source

Frequently Asked Questions

What does New() do?
New() is a function in the fiber codebase, defined in middleware/csrf/csrf.go.
Where is New() defined?
New() is defined in middleware/csrf/csrf.go at line 48.
What does New() call?
New() calls 8 function(s): createOrExtendTokenInStorage, deleteTokenFromStorage, expireCSRFCookie, getRawFromStorage, originMatchesHost, refererMatchesHost, updateCSRFCookie, validateSecFetchSite.

Analyze Your Own Codebase

Get architecture documentation, dependency graphs, and domain analysis for your codebase in minutes.

Try Supermodel Free