python (65.1k questions)

javascript (44.2k questions)

reactjs (22.7k questions)

java (20.8k questions)

c# (17.4k questions)

html (16.3k questions)

r (13.7k questions)

android (12.9k questions)

Questions - csrf

Spring webflux with jwt + csrf token

I need to implement CSRF protection to my backend. I am using the below configurations. But applications allow Post and Get requests without CSRF token. @Slf4j @EnableWebFluxSecurity @EnableReactiveMe...
test-img

wthamira

vue.js

spring-security

spring-webflux

csrf

Votes: 0

Answers: 1

Latest Answer

By using the oauth2ResourceServer() DSL, you are telling Spring Security that you are not using cookie-based authentication, therefore you do not need CSRF protection. If you take a look at the OAuth2...
test-img

Marcus Hert da Coregio

How to implement CSRF protection with csurf in API calls without the use of template engines?

I'm developing a RESTfull API which uses express session and passport.js authentication to store the session in the connect-pg-simple store. I'm looking into implementing a CSRF protection with the cs...
test-img

Nima

javascript

node.js

postgresql

express

csrf

Votes: 0

Answers: 1

Latest Answer

Use Express as both React front end and API backend. There are boilerplates for that. The side benefit of this approach is CORS avoidance and therefore better security because there is no need for the...
test-img

winwiz1

How to send POST request to Flask API employing CSRF token from mobile device (android) app?

Question: How can I POST data from my android app to my flask web app which is employing CSRF protection? Background: I've built a website using Flask, and have protected it from CSRF attacks by globa...
test-img

BrandonW

python

android

flask

csrf

Votes: 0

Answers: 1

Latest Answer

You have not provided enough information here, but I faced a similar issue when I started learning about flask. So, I think this should be a similar case for you too. I was creating a simple webhook t...
test-img

Reetej Gandhi

Laravel/Vue - Sessions on firefox not working correctly (CSRF token mismatch, session data is null, etc)

I'm working on a project with Laravel and inline vue*. For submitting forms we use axios-calls. On chrome there is no issue, but in Firefox, with every axios call it gives back a 419 error 'csrf token...
test-img

BigLvM

laravel

vue.js

session

firefox

csrf

Votes: 0

Answers: 1

Latest Answer

Asked this question on r/laravel and it is solved. It looks like Firefox isn't sending the session cookie, wich will cause all the problems you described as a result. Use the browser developer tools ...
test-img

BigLvM

Posts

Questions

Blogs

Jobs