Improve performance of csrf errors (github#16136)

* Improve performance of csrf errors * Fix handle csrf error middleware Co-authored-by: Chiedo <chiedo@users.noreply.github.com>
AhAow353 · Oct 20, 2020 · 9f10fdd · 9f10fdd
1 parent c649023
commit 9f10fdd
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 5 deletions.
diff --git a/middleware/handle-csrf-errors.js b/middleware/handle-csrf-errors.js
@@ -0,0 +1,8 @@
+module.exports = async function handleCSRFError (error, req, res, next) {
+  // If the CSRF token is bad
+  if (error.code === 'EBADCSRFTOKEN') {
+    return res.sendStatus(403)
+  }
+
+  return next(error)
+}
diff --git a/middleware/handle-errors.js b/middleware/handle-errors.js
@@ -48,10 +48,5 @@ module.exports = async function handleError (error, req, res, next) {
     }
   }
 
-  // If the CSRF token is bad
-  if (error.code === 'EBADCSRFTOKEN') {
-    return res.sendStatus(403)
-  }
-
   res.status(500).send(await liquid.parseAndRender(layouts['error-500'], req.context))
 }
diff --git a/middleware/index.js b/middleware/index.js
@@ -28,6 +28,7 @@ module.exports = function (app) {
   app.use(require('./robots'))
   app.use(require('./cookie-parser'))
   app.use(require('./csrf'))
+  app.use(require('./handle-csrf-errors'))
   app.use(require('compression')())
   app.use(require('connect-slashes')(false))
   app.use('/dist', express.static('dist'))