proxy.golang.org : github.com/codahale/charlie
Package charlie provides a fast, safe, stateless mechanism for adding CSRF protection to web applications.

Charlie generates per-request tokens, which resist modern web attacks like BEAST, BREACH, CRIME, TIME, and Lucky 13, as well as web attacks of the future, like CONDOR, BEETLEBUTT, NINJAFACE, and TacoTacoPopNLock Quasi-Chunking. In addition, the fact that Charlie tokens are stateless means their usage is dramatically simpler than most CSRF countermeasures--simply return a token with each response and require a token with each authenticated request.

A token is a 32-bit Unix epoch timestamp, concatenated with the HMAC-SHA256-128 MAC of both the timestamp and the user's identity (or session ID). This is a rapidly changing value, making tokens indistinguishable from random data to an attacker performing an online attack.

Generation and validation each take ~4us on modern hardware, and the tokens themselves are only 28 bytes long.
purl: pkg:golang/github.com/codahale/charlie
License: MIT
Latest release: about 10 years ago
First release: about 10 years ago
Namespace: github.com/codahale
Stars: 46 on GitHub
Forks: 3 on GitHub
See more repository details: repos.ecosyste.ms
Last synced: 6 days ago