
🐛 [Bug]: Invalid default configuration for CSRF #3587

@simonnix

Bug Description

On v3 (and v2, but if it's fixed on v3 I'm fine) csrf.ConfigDefault{} has both fields 'KeyLookup' and 'Extractor'.

var ConfigDefault = Config{
    KeyLookup:      "header:" + HeaderName,
    CookieName:     "csrf_",
    CookieSameSite: "Lax",
    IdleTimeout:    30 * time.Minute,
    KeyGenerator:   utils.UUIDv4,
    ErrorHandler:   defaultErrorHandler,
    Extractor:      FromHeader(HeaderName),
}

The documentation says:

"KeyLookup will be ignored if Extractor is explicitly set."

So getting csrf.ConfigDefault and changing "KeyLookup" to a form-based parameter (for example) before calling csrf.New() with it will do nothing, as Extractor is still set.

We have to set Extractor to nil for csrf to create the Extractor according to KeyLookup.

How to Reproduce

Steps to reproduce the behavior:

config := csrf.ConfigDefault
config.KeyLookup = "form:csrf"
app.Use(csrf.New(config))
...

Expected Behavior

Changing "KeyLookup" should be enough, and "Extractor" should not be set on csrf.ConfigDefault.

Fiber Version

v3

Code Snippet (optional)

Checklist:

  • I agree to follow Fiber's Code of Conduct.
  • I have checked for existing issues that describe my problem prior to opening this one.
  • I understand that improperly formatted bug reports may be closed without explanation.
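As an added example, not code from the issue or from Fiber itself: a stand-alone model of the precedence rule the report quotes ("KeyLookup will be ignored if Extractor is explicitly set"). The Config, Extractor, FromHeader, FromForm, ConfigDefault, resolveExtractor and tokenFromForm names are hypothetical and only mirror the shape of the fields shown above. It demonstrates why overriding KeyLookup on a copy of a default that already carries an Extractor has no effect, and why setting Extractor to nil is what makes KeyLookup take effect.

```go
package main

import (
	"errors"
	"fmt"
	"net/http"
	"strings"
)

// Extractor pulls a CSRF token out of a request; nil means "not configured".
// Hypothetical type modelling the middleware's Extractor field.
type Extractor func(r *http.Request) (string, error)

// Config is a hypothetical model of the middleware config from the issue,
// reduced to the two fields that interact.
type Config struct {
	KeyLookup string    // "<source>:<name>", e.g. "header:X-Csrf-Token" or "form:csrf"
	Extractor Extractor // explicit extractor; wins over KeyLookup when non-nil
}

const HeaderName = "X-Csrf-Token"

// FromHeader reads the token from a request header (hypothetical helper).
func FromHeader(name string) Extractor {
	return func(r *http.Request) (string, error) {
		if v := r.Header.Get(name); v != "" {
			return v, nil
		}
		return "", errors.New("missing token in header " + name)
	}
}

// FromForm reads the token from a URL-encoded form field (hypothetical helper).
func FromForm(name string) Extractor {
	return func(r *http.Request) (string, error) {
		if err := r.ParseForm(); err != nil {
			return "", err
		}
		if v := r.PostFormValue(name); v != "" {
			return v, nil
		}
		return "", errors.New("missing token in form field " + name)
	}
}

// ConfigDefault reproduces the problematic default: both fields populated.
var ConfigDefault = Config{
	KeyLookup: "header:" + HeaderName,
	Extractor: FromHeader(HeaderName),
}

// resolveExtractor applies the documented precedence: an explicit Extractor
// wins, and KeyLookup is only parsed when Extractor is nil.
func resolveExtractor(cfg Config) (Extractor, error) {
	if cfg.Extractor != nil {
		return cfg.Extractor, nil
	}
	source, name, ok := strings.Cut(cfg.KeyLookup, ":")
	if !ok {
		return nil, fmt.Errorf("invalid KeyLookup %q", cfg.KeyLookup)
	}
	switch source {
	case "header":
		return FromHeader(name), nil
	case "form":
		return FromForm(name), nil
	}
	return nil, fmt.Errorf("unsupported KeyLookup source %q", source)
}

// tokenFromForm sends a constructed POST whose token lives in the form body
// and reports what the extractor chosen by cfg actually sees.
func tokenFromForm(cfg Config) (string, error) {
	ex, err := resolveExtractor(cfg)
	if err != nil {
		return "", err
	}
	body := strings.NewReader("csrf=tok-123") // constructed sample request body
	r, err := http.NewRequest(http.MethodPost, "/submit", body)
	if err != nil {
		return "", err
	}
	r.Header.Set("Content-Type", "application/x-www-form-urlencoded")
	return ex(r)
}

func main() {
	// As the issue describes: overriding KeyLookup alone is silently ignored.
	cfg := ConfigDefault
	cfg.KeyLookup = "form:csrf"
	_, err := tokenFromForm(cfg)
	fmt.Println("KeyLookup only:", err) // header extractor still active -> error

	// Workaround stated in the issue: clear Extractor so KeyLookup is honoured.
	cfg.Extractor = nil
	tok, err := tokenFromForm(cfg)
	fmt.Println("KeyLookup with Extractor=nil:", tok, err)
}
```

The first call fails because the copied default still carries the header extractor, so the form field is never consulted; the second succeeds only after Extractor is cleared, which is exactly the extra step the report objects to.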
