Category "csrf"

Configuring CSRF tokens with apollo client and graphene-django

I am having trouble properly setting up csrf tokens in the authlink header. const authLink = setContext((_, { headers }) => { const token = localStorage.

HTTP Error 418 (Teapot Error) on Link to FlightRadar24 When Server on Localhost

I am writing a Rails web application that presents OurAirports airport data to the user. One convenience I provide is a link to the FlightRadar24 web site for t

CSRF token is not set when first accessing Laravel Application on shared hosting (419 Page Expired)

I deployed my laravel application in a shared hosting system and the application works fine, but every time I open the website for the first time in a new brows

What is the point of X-CSRF-TOKEN or X-XSRF-TOKEN, why not just use a strict same site cookie?

Frameworks such as laravel and others require you place the csrf token in your HTML forms. However at the same time laravel comes by default with the VerifyCsrf

Zend framework 2 - csrf regenerates on refresh

I am having a problem with the Zend Framework 2 formElement csrf. It works fine until I submit an invalid form, hit the same page then refresh the page. A "no

Apparently Random Error: "Antiforgery token validation failed. The antiforgery cookie token and request token do not match."

Background I have a relatively new ASP.NET Core 2 site. It's running on just one server (Windows Server 2012 R2, IIS 8.5), and I only restart the site once eve

CookieCsrfTokenRepository allows the client to create its own Csrf Tokens

CookieCsrfTokenRepository sets a cookie and on subsequent requests it just just compares the cookie value from the client with the cookie value from the header.