From b4f47a762338abe6ce3a6e3d6d0896b8a387228d Mon Sep 17 00:00:00 2001
From: Unknwon <u@gogs.io>
Date: Sat, 12 Mar 2016 20:56:03 -0500
Subject: #1891 attempt to fix invalid csrf token

---
 cmd/web.go | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'cmd/web.go')

diff --git a/cmd/web.go b/cmd/web.go
index 97bb0321..3a63d084 100644
--- a/cmd/web.go
+++ b/cmd/web.go
@@ -81,12 +81,12 @@ func checkVersion() {
 		{"github.com/go-xorm/xorm", func() string { return xorm.Version }, "0.5.2.0304"},
 		{"github.com/go-macaron/binding", binding.Version, "0.2.1"},
 		{"github.com/go-macaron/cache", cache.Version, "0.1.2"},
-		{"github.com/go-macaron/csrf", csrf.Version, "0.0.5"},
+		{"github.com/go-macaron/csrf", csrf.Version, "0.1.0"},
 		{"github.com/go-macaron/i18n", i18n.Version, "0.2.0"},
 		{"github.com/go-macaron/session", session.Version, "0.1.6"},
 		{"github.com/go-macaron/toolbox", toolbox.Version, "0.1.0"},
 		{"gopkg.in/ini.v1", ini.Version, "1.8.4"},
-		{"gopkg.in/macaron.v1", macaron.Version, "1.1.1"},
+		{"gopkg.in/macaron.v1", macaron.Version, "1.1.2"},
 		{"github.com/gogits/git-module", git.Version, "0.2.9"},
 		{"github.com/gogits/go-gogs-client", gogs.Version, "0.7.3"},
 	}
@@ -158,6 +158,7 @@ func newMacaron() *macaron.Macaron {
 	m.Use(session.Sessioner(setting.SessionConfig))
 	m.Use(csrf.Csrfer(csrf.Options{
 		Secret:     setting.SecretKey,
+		Cookie:     setting.CSRFCookieName,
 		SetCookie:  true,
 		Header:     "X-Csrf-Token",
 		CookiePath: setting.AppSubUrl,
-- 
cgit v1.2.3