CSRF protection library for JavaScript that runs on the edge runtime (with Next.js, SvelteKit, Express, Node-HTTP integrations)
Overview
Edge-CSRF is a CSRF protection library for JavaScript applications running on edge runtimes. It implements the signed double submit cookie pattern to protect applications from CSRF (Cross-Site Request Forgery) attacks in modern deployment environments such as Vercel and Cloudflare. It integrates with popular frameworks such as Next.js and SvelteKit, which simplifies implementation for developers of all skill levels.
Edge-CSRF works in both Node and edge environments, so it can be integrated regardless of your application's architecture. Because it is customizable, developers can tailor the library to their specific needs, which makes it a useful tool for improving the overall security of web applications.
Features
- Runs on both Node and edge runtimes: Compatible with a variety of deployment options, ensuring broad usability across modern environments.
- Integrations for popular frameworks: Easy to integrate with Next.js, SvelteKit, Express, and Node-HTTP, simplifying CSRF protection for developers.
- Low-level API for customization: Offers a lower-level API for those looking to create bespoke implementations, providing flexibility in how CSRF protection is applied.
- Token retrieval options: Supports obtaining CSRF tokens from HTTP request headers (X-CSRF-Token) or from the request body, catering to different application setups.
- Supports various request body types: Capable of handling form-urlencoded, multipart/form-data, or JSON-encoded HTTP request bodies, ensuring it fits into diverse workflows.
- Customizable cookie and settings: Gives developers the ability to configure cookie settings and other options for an enhanced security setup.
- Supports Server Actions: Facilitates CSRF protection for both form submissions and non-form submissions, providing comprehensive coverage for different user actions.
- Active contributions welcome: The library encourages community involvement, inviting developers to share their suggestions and improvements for continued growth.
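
The signed double submit cookie pattern named in the overview, together with the header-or-body token lookup from the feature list, can be sketched as follows. This is an added example of the general pattern, not Edge-CSRF's code or API; the cookie and body field name `csrf_token`, the `req` object shape, and all function names are assumptions made for the illustration.

```javascript
// Generic illustration of the pattern; not Edge-CSRF's implementation.
const nodeCrypto = require('node:crypto');

const SAFE_METHODS = new Set(['GET', 'HEAD', 'OPTIONS']);

// The HMAC binds the token to a server-side key, so a party who can plant a
// cookie (for example from a sibling subdomain) cannot mint a token that verifies.
function sign(secret, nonce) {
  return nodeCrypto.createHmac('sha256', secret).update(nonce).digest('base64url');
}

// Token format "<nonce>.<mac>": the same value is set as the cookie and
// embedded in the page so the client can echo it back.
function issueToken(secret) {
  const nonce = nodeCrypto.randomBytes(16).toString('base64url');
  return `${nonce}.${sign(secret, nonce)}`;
}

// timingSafeEqual throws on unequal lengths, so compare lengths first.
function constantTimeEqual(a, b) {
  const x = Buffer.from(a);
  const y = Buffer.from(b);
  return x.length === y.length && nodeCrypto.timingSafeEqual(x, y);
}

// req is a constructed shape: { method, headers, cookies, body } (assumption).
function verifyRequest(secret, req) {
  if (SAFE_METHODS.has(req.method)) return { ok: true };
  const cookieToken = req.cookies?.csrf_token;
  if (typeof cookieToken !== 'string') return { ok: false, reason: 'missing cookie' };
  // Prefer the X-CSRF-Token header, then fall back to a parsed body field.
  const submitted = req.headers?.['x-csrf-token'] ?? req.body?.csrf_token;
  if (typeof submitted !== 'string') return { ok: false, reason: 'missing token' };
  // Double submit: the echoed token must equal the cookie value.
  if (!constantTimeEqual(submitted, cookieToken)) return { ok: false, reason: 'token mismatch' };
  // Signed: the cookie value itself must carry a valid MAC.
  const [nonce, mac, ...rest] = cookieToken.split('.');
  if (!nonce || !mac || rest.length) return { ok: false, reason: 'malformed token' };
  if (!constantTimeEqual(mac, sign(secret, nonce))) return { ok: false, reason: 'bad signature' };
  return { ok: true };
}
```

The `bad signature` branch is what separates the signed variant from a plain double submit check: a cookie and submitted token that match each other are still rejected unless the server's key produced them.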