You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm not sure of this is a bug or I'm missing something. But Tobi (which is otherwise excellent) seems to be sending a CSRF_COOKIE header that doesn't match anything in the cookieJar.
I'm positing a form using Tobi's submit() that fails CSRF verification (a regular desktop browser works fine).
The issue seems to be a difference between the form cookie and the HTTP Header.
However, my server received the following from Tobi's in its HTTP headers:
'CSRF_COOKIE': '347767c1a4baef48ab0272ca6ccfdf5f'
Where did the CSRF_COOKIE value come from (or more to the point, why can't I see it in cookieJar?) Has anyone encountered anything similar in the past?
Thanks,
Mike
The text was updated successfully, but these errors were encountered:
Hi there,
I'm not sure of this is a bug or I'm missing something. But Tobi (which is otherwise excellent) seems to be sending a CSRF_COOKIE header that doesn't match anything in the cookieJar.
I'm positing a form using Tobi's submit() that fails CSRF verification (a regular desktop browser works fine).
The issue seems to be a difference between the form cookie and the HTTP Header.
Gives:
[ { str: 'csrftoken=8a09c3f0b62939458018f74020c6744e; expires=Thu, 14-Feb-2013 15:26:31 GMT; Max-Age=31449600; Path=/',
name: 'csrftoken',
csrftoken: '8a09c3f0b62939458018f74020c6744e',
expires: Thu, 14 Feb 2013 15:26:31 GMT,
'Max-Age': '31449600',
Path: '/',
value: '8a09c3f0b62939458018f74020c6744e' },
{ str: 'sessionid=d82a0a4a691481df3fb72b8f3b9e4d8a; expires=Thu, 01-Mar-2012 15:26:31 GMT; Max-Age=1209600; Path=/',
name: 'sessionid',
sessionid: 'd82a0a4a691481df3fb72b8f3b9e4d8a',
expires: Thu, 01 Mar 2012 15:26:31 GMT,
'Max-Age': '1209600',
Path: '/',
value: 'd82a0a4a691481df3fb72b8f3b9e4d8a' } ]
However, my server received the following from Tobi's in its HTTP headers:
Where did the CSRF_COOKIE value come from (or more to the point, why can't I see it in cookieJar?) Has anyone encountered anything similar in the past?
Thanks,
Mike
The text was updated successfully, but these errors were encountered: