Merge pull request #84 from hapijs/route-config

#80: fixes crumb route settings bug

lib/index.js

@@ -87,8 +87,11 @@ exports.register = function (server, options, next) {
 
         // Validate crumb
 
-        const routeIsRestful = (request.route.settings.plugins._crumb && request.route.settings.plugins._crumb.restful === true);
-        if (!routeIsRestful && settings.restful === false ) {
+        let routeIsRestful;
+        if (request.route.settings.plugins._crumb && request.route.settings.plugins._crumb.restful !== undefined) {
+            routeIsRestful = request.route.settings.plugins._crumb.restful;
+        }
+        if (routeIsRestful === false || !routeIsRestful && settings.restful === false) {
 
             if (request.method !== 'post' ||
                 !request.route.settings.plugins._crumb) {

package.json

@@ -1,7 +1,7 @@
 {
   "name": "crumb",
   "description": "CSRF crumb generation and validation plugin",
-  "version": "6.0.1",
+  "version": "6.0.2",
   "repository": "git://github.com/hapijs/crumb",
   "bugs": {
     "url": "https://github.com/hapijs/crumb/issues"

test/index.js

@@ -656,7 +656,7 @@ describe('Crumb', () => {
                                                         delete validHeader['x-csrf-token'];
                                                         server.inject({ method: 'POST', url: '/8', payload: JSON.stringify(payload), headers: validHeader }, (res12) => {
 
-                                                            expect(res12.statusCode).to.equal(403);
+                                                            expect(res12.statusCode).to.equal(200);
                                                             done();
                                                         });
                                                     });