Make the docs actually useful. about csurf HOT 7 CLOSED

You can reference the Connect documentation.

http://www.senchalabs.org/connect/csrf.html

from csurf.

Still needs proper examples.

from csurf.

It would be awesome to have an example showing how to integrate session-based CSRF, just simple code examples with Express 4 would be a huge improvement. Right now I have found one article that explains how to do it in Express 4, but doesn't go into session-based CSRF, just cookies. As a bit of a noob to the security-layer, this would be nice to have in the module readme. Even a basic working code example with no documentation would be great!

from csurf.

The only way I can understand to do it in a way relatable to real-world is to do the example in 3 parts; server, jade template and client js.

Which seems kinda excessive, but idk how to make it reasonably clear otherwise. Maybe I don't understand it enough.

from csurf.

@Fishrock123 what we need is a separate repo for everything in https://github.com/visionmedia/express/tree/master/examples (where each subfolder has their own package.json, even). Then we could add some for csrf and point people there in the docs here.

from csurf.

@dougwilson +1 to that!

from csurf.

Considering that everything is pretty broken apart into these modules, I don't see why minor commit logs for examples and a .npmignore'd /examples directory would be a problem in these modules.

I think in the end it may be more sane to maintain than a separate amalgamated repo.

from csurf.