Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(sveltekit): rm redundant csrf check #10963

Merged
merged 8 commits into from
Jun 2, 2024
Merged

fix(sveltekit): rm redundant csrf check #10963

merged 8 commits into from
Jun 2, 2024

Conversation

ndom91
Copy link
Member

@ndom91 ndom91 commented May 19, 2024
edited

☕️ Reasoning

  • Removes the additional request to get a csrfToken before attempting signIn or signOut client actions
  • Drops the skipCSRFCheck we were already adding in the actions signIn/signOut methods, since we're putting it on the whole config by default now, passing it here was redundant.
  • SvelteKit has built-in origin checking, making an additional csrf check redundant
  • Removes a TODO

🧢 Checklist

  • Documentation
  • Tests
  • Ready to be merged

🎫 Affected issues

📌 Resources

@ndom91 ndom91 requested a review from ThangHuuVu as a code owner May 19, 2024 15:37
@vercel Vercel
Copy link

vercel bot commented May 19, 2024
edited

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
auth-docs ✅ Ready (Inspect) Visit Preview 💬 Add feedback Jun 2, 2024 4:26am
2 Ignored Deployments
Name Status Preview Comments Updated (UTC)
next-auth-docs ⬜️ Ignored (Inspect) Visit Preview Jun 2, 2024 4:26am
proxy ⬜️ Ignored (Inspect) Visit Preview Jun 2, 2024 4:26am

@ndom91 ndom91 requested a review from balazsorban44 May 19, 2024 15:38
@codecov Codecov
Copy link

codecov bot commented May 19, 2024
edited

Codecov Report

Attention: Patch coverage is 0% with 5 lines in your changes are missing coverage. Please review.

Project coverage is 40.77%. Comparing base (577b7f9) to head (f128b5e).

Files Patch % Lines
packages/frameworks-sveltekit/src/lib/actions.ts 0.00% 3 Missing ⚠️
packages/frameworks-sveltekit/src/lib/env.ts 0.00% 2 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main   #10963      +/-   ##
==========================================
+ Coverage   40.75%   40.77%   +0.02%     
==========================================
  Files         177      177              
  Lines       28038    28022      -16     
  Branches     1238     1244       +6     
==========================================
  Hits        11426    11426              
+ Misses      16612    16596      -16

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@ThangHuuVu ThangHuuVu merged commit 656f1ec into main Jun 2, 2024
13 of 15 checks passed
@ThangHuuVu ThangHuuVu deleted the ndom91/rm-csrf-check-sveltekit branch June 2, 2024 04:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ThangHuuVu ThangHuuVu ThangHuuVu approved these changes

@balazsorban44 balazsorban44 Awaiting requested review from balazsorban44

Assignees
No one assigned
Labels
frameworks svelte
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@ndom91 @ThangHuuVu