New token on every request issue. #111
Unanswered
kleb741985
asked this question in
Q&A
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hi! I'm trying to configure csrf-csrf on my application.
The issue I'm running into is that the csrf token is changing on every request. I wouldn't want this to happen as this would hinder the user experience (for instance, when opening multiple tabs).
Basically whenever a page is rendered, I call the
generateCsrfTokenutility. This will validate the 2 tokens (the cookie and the request header). The thing is that the validation will fail as the rendering (GET) request is only sending the cookie, not the header (as it's actually trying to get one). This will make it so that the cookie changes on every request.I feel like I'm making a very basic mistake, but I'd love to hear your thoughts on it. Thanks!
Beta Was this translation helpful? Give feedback.
All reactions