accept feature request: #1941

context/context.go

@@ -2795,6 +2795,24 @@ var (
 	// A shortcut for the `schema#IsErrPath`.
 	IsErrPath = schema.IsErrPath
 
+	// IsErrPathCRSFToken reports whether the given "err" is caused
+	// by unknown key error on "csrf.token". See `context#ReadForm` for more.
+	IsErrPathCRSFToken = func(err error) bool {
+		if err == nil || CSRFTokenFormKey == "" {
+			return false
+		}
+
+		if m, ok := err.(schema.MultiError); ok {
+			if csrfErr, hasCSRFToken := m[CSRFTokenFormKey]; hasCSRFToken {
+				_, is := csrfErr.(schema.UnknownKeyError)
+				return is
+
+			}
+		}
+
+		return false
+	}
+
 	// ErrEmptyForm is returned by
 	// - `context#ReadForm`
 	// - `context#ReadQuery`
@@ -2837,6 +2855,11 @@ var (
 	}
 )
 
+// CSRFTokenFormKey the CSRF token key of the form data.
+//
+// See ReadForm method for more.
+const CSRFTokenFormKey = "csrf.token"
+
 // ReadForm binds the request body of a form to the "formObject".
 // It supports any kind of type, including custom structs.
 // It will return nothing if request data are empty.
@@ -2848,6 +2871,9 @@ var (
 // If a client sent an unknown field, this method will return an error,
 // in order to ignore that error use the `err != nil && !iris.IsErrPath(err)`.
 //
+// As of 15 Aug 2022, ReadForm does not return an error over unknown CSRF token form key,
+// to change this behavior globally, set the `context.CSRFTokenFormKey` to an empty value.
+//
 // Example: https://github.com/kataras/iris/blob/master/_examples/request-body/read-form/main.go
 func (ctx *Context) ReadForm(formObject interface{}) error {
 	values := ctx.FormValues()
@@ -2859,7 +2885,7 @@ func (ctx *Context) ReadForm(formObject interface{}) error {
 	}
 
 	err := schema.DecodeForm(values, formObject)
-	if err != nil {
+	if err != nil && !IsErrPathCRSFToken(err) {
 		return err
 	}