github.com/justinas/nosurf

nosurf

Package nosurf implements an HTTP handler that mitigates Cross-Site Request Forgery Attacks.

81

Decision Signals

Health score 81/100, confidence 100/100.

Strong
Maintenance 43
Adoption 100
Security 92
Maturity 100
Developer DX 97
Confidence 100

Install

go get github.com/justinas/nosurf

Package Data

updated Jun 11, 2026
Latest versionv1.2.0
Imported by2.5K packages
Stars1.7K
Forks127
Last activity1 years ago
Latest releasev1.2.0 (1 years ago)
LicenseMIT
Known vuln records0

API Surface

30 symbols
SymbolKindSynopsis
CSRFHandler Type type CSRFHandler struct{}
CSRFHandler.ExemptFunc Method func (h *CSRFHandler) ExemptFunc(fn func(r *http.Request) bool)
CSRFHandler.ExemptGlob Method func (h *CSRFHandler) ExemptGlob(pattern string)
CSRFHandler.ExemptGlobs Method func (h *CSRFHandler) ExemptGlobs(patterns ...string)
CSRFHandler.ExemptPath Method func (h *CSRFHandler) ExemptPath(path string)
CSRFHandler.ExemptPaths Method func (h *CSRFHandler) ExemptPaths(paths ...string)
CSRFHandler.ExemptRegexp Method func (h *CSRFHandler) ExemptRegexp(re interface{})
CSRFHandler.ExemptRegexps Method func (h *CSRFHandler) ExemptRegexps(res ...interface{})
CSRFHandler.IsExempt Method func (h *CSRFHandler) IsExempt(r *http.Request) bool
CSRFHandler.RegenerateToken Method func (h *CSRFHandler) RegenerateToken(w http.ResponseWriter, r *http.Request) string
CSRFHandler.ServeHTTP Method func (h *CSRFHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
CSRFHandler.SetBaseCookie Method func (h *CSRFHandler) SetBaseCookie(cookie http.Cookie)

Maintained Alternatives

limited recent repository activity

#1 Caddy

Package caddy implements the Caddy server manager.

Go Security Middleware 73.3K stars 0 imported-by 80% confidence
91

#2 go-jwt-middleware

A Middleware for Go Programming Language to check for JWTs on HTTP requests

Go Security Middleware 1.2K stars 874 imported-by 60% confidence
91

#3 authelia

The Single Sign-On Multi-Factor portal for web apps, now OpenID Certified™

Go Security Middleware 28.0K stars 0 imported-by 95% confidence
81

Similar Packages

Go Security Middleware

#1 Caddy

Package caddy implements the Caddy server manager.

Go Security Middleware 73.3K stars 0 imported-by 80% confidence
91

#2 go-jwt-middleware

A Middleware for Go Programming Language to check for JWTs on HTTP requests

Go Security Middleware 1.2K stars 874 imported-by 60% confidence
91

#3 authelia

The Single Sign-On Multi-Factor portal for web apps, now OpenID Certified™

Go Security Middleware 28.0K stars 0 imported-by 95% confidence
81

#4 gorilla/csrf

Package gorilla/csrf provides Cross Site Request Forgery (CSRF) prevention middleware for Go web applications & services 🔒

Go Security Middleware 1.2K stars 1.1K imported-by 65% confidence
67

#5 secure

Package secure is an HTTP middleware for Go that facilitates some quick security wins.

Go Security Middleware 0 stars 921 imported-by 80% confidence
64