Question about CSRF
Hey everyone
Trying to use CSRF protection, and I'm wondering if that work like Laravel CSRF protection (input hidden with a CSRF token)
is that "magic" and I just need to add app.use(csrf()) in my index.ts ? or is there something else I need to do
was trying to get the token via c.get, but it didn't worked, and didn't find any doc about that
1 Reply
the hono csrf middleware just does an
origin header check, i think: https://hono.dev/docs/middleware/builtin/csrf
but you can always double-check w the source code