v1.6.1

Notable Changes

🆕 This release introduces the TrustedOrigins option, which allows a user to explicitly trust specific Referers. This simplifies the use of this library when the backend domain (issuing the cookie) does not match the front-end domain, such as in Single Page Application architectures.

🐞 This release also fixes a regression to applying the default cookie MaxAge (cookies were only session cookies). This would typically have been unnoticed by most users as the CSRF middleware resets the cookie on each request.

CHANGELOG

• bugfix: correctly set a defaultMaxAge when MaxAge isn't called (#120) @elithrar
• Create release-drafter.yml (#118) @elithrar
• Add trusted origins feature (#117) @fjorgemota
• Add CircleCI status badge to README (#113) @elithrar