python (12.9k questions)

javascript (9.2k questions)

reactjs (4.7k questions)

java (4.2k questions)

java (4.2k questions)

c# (3.5k questions)

c# (3.5k questions)

html (3.3k questions)

Questions - csrf

403 invalid csrf token, Express, csurf, React and Axios

I am trying to implement CSRF protection to my API endpoints, I am using express and csurf, when making a post request using Axios from my react app I am receiving 403 invalid csrf token. I have been ...
test-img

Ozure

node.js

reactjs

express

axios

csrf

Votes: 0

Answers: 0

XSRF token validation

Since XSRF validation involves matching of cookie/token sent in the UI request with the request header as part of that same request, what are the options for testing locally? So assuming I run my UI l...
test-img

copenndthagen

javascript

cookies

jwt

csrf

x-xsrf-token

Votes: 0

Answers: 1

Latest Answer

What I usually do in such a case is to use /etc/hosts and use a subdomain for my code running locally. E.g. the UI is run on www.example.com and the server is on api.example.com, then in my hosts file...
test-img

Michal Trojanowski

Next.js and csrf token returns server side error

I'm using the library next-csrf (https://github.com/j0lv3r4/next-csrf) to protect api routes in my next.js application. I followed the documentation but the api now returns an error 500: {"messag...
test-img

ste

javascript

next.js

csrf

Votes: 0

Answers: 1

Latest Answer

Such error message is possible only in the case when cookie value is not a string. And according to next-csrf getCookie code the cookie value may be not a string, only in case when there are some coo...
test-img

Paul Rumkin

CSRF token cookie is not set for cross origin requests

The problem: In production my server and client are running in different origins (CORS). The client needs to store a cookie sent from the server, but it fails to do so even that the cookie attributes ...
test-img

Ron Michaeli

flask

cookies

axios

cross-domain

csrf

Votes: 0

Answers: 0

Posts

Questions

Blogs

Jobs