Go Package Radar
github.com/justinas/nosurf

nosurf

Package nosurf implements an HTTP handler that mitigates Cross-Site Request Forgery Attacks.

81
Repository pkg.go.dev Category ranking

Decision Signals

Health score 81/100, confidence 100/100.

Strong
Maintenance 43
Adoption 100
Security 92
Maturity 100
Developer DX 97
Confidence 100

Install

go get github.com/justinas/nosurf

Package Data

updated May 28, 2026
Latest versionv1.2.0
Imported by2.5K packages
Stars1.7K
Forks127
Last activity1 years ago
Latest releasev1.2.0 (1 years ago)
LicenseMIT
Known vuln records0

API Surface

30 symbols
SymbolKindSynopsis
CSRFHandler Type type CSRFHandler struct{}
CSRFHandler.ExemptFunc Method func (h *CSRFHandler) ExemptFunc(fn func(r *http.Request) bool)
CSRFHandler.ExemptGlob Method func (h *CSRFHandler) ExemptGlob(pattern string)
CSRFHandler.ExemptGlobs Method func (h *CSRFHandler) ExemptGlobs(patterns ...string)
CSRFHandler.ExemptPath Method func (h *CSRFHandler) ExemptPath(path string)
CSRFHandler.ExemptPaths Method func (h *CSRFHandler) ExemptPaths(paths ...string)
CSRFHandler.ExemptRegexp Method func (h *CSRFHandler) ExemptRegexp(re interface{})
CSRFHandler.ExemptRegexps Method func (h *CSRFHandler) ExemptRegexps(res ...interface{})
CSRFHandler.IsExempt Method func (h *CSRFHandler) IsExempt(r *http.Request) bool
CSRFHandler.RegenerateToken Method func (h *CSRFHandler) RegenerateToken(w http.ResponseWriter, r *http.Request) string
CSRFHandler.ServeHTTP Method func (h *CSRFHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
CSRFHandler.SetBaseCookie Method func (h *CSRFHandler) SetBaseCookie(cookie http.Cookie)

Maintained Alternatives

limited recent repository activity

#1 Caddy

Package caddy implements the Caddy server manager.

Go Security Middleware 72.8K stars 510 imported-by 100% confidence
97

#2 secure

Package secure is an HTTP middleware for Go that facilitates some quick security wins.

Go Security Middleware 2.3K stars 921 imported-by 65% confidence
91

Similar Packages

Go Security Middleware

#1 Caddy

Package caddy implements the Caddy server manager.

Go Security Middleware 72.8K stars 510 imported-by 100% confidence
97

#2 secure

Package secure is an HTTP middleware for Go that facilitates some quick security wins.

Go Security Middleware 2.3K stars 921 imported-by 65% confidence
91

#3 gorilla/csrf

Package csrf (gorilla/csrf) provides Cross Site Request Forgery (CSRF) prevention middleware for Go web applications & services.

Go Security Middleware 1.2K stars 0 imported-by 80% confidence
69

#4 sslmgr

SSL certificates made easy with a high level wrapper around acme/autocert.

Go Security Middleware 0 stars 1 imported-by 80% confidence
53

#5 multikey

An n-out-of-N keys encryption/decryption framework based on Shamir's Secret Sharing algorithm.

Go Security Middleware 0 stars 0 imported-by 80% confidence
42