sails.js error uploading big file with csrf enabled

Question

I am using sails.js beta 0.10

The file upload works fine for small files but for big files it gives this error:

error: Server Error:
error: TypeError: Object #<ServerResponse> has no method 'view'
    at Object.forbidden (/home/mandeep/iqr/esurvey/api/responses/forbidden.js:81:19)
    at ServerResponse.bound [as forbidden] (/home/mandeep/iqr/esurvey/node_modules/lodash/dist/lodash.js:729:21)
    at /home/mandeep/iqr/esurvey/node_modules/sails/lib/hooks/csrf/index.js:65:28
    at createToken (/home/mandeep/iqr/esurvey/node_modules/sails/node_modules/express/node_modules/connect/lib/middleware/csrf.js:82:44)
    at /home/mandeep/iqr/esurvey/node_modules/sails/node_modules/express/node_modules/connect/lib/middleware/csrf.js:48:24
    at routes.before./* (/home/mandeep/iqr/esurvey/node_modules/sails/lib/hooks/csrf/index.js:62:34)
    at routeTargetFnWrapper (/home/mandeep/iqr/esurvey/node_modules/sails/lib/router/bind.js:176:5)
    at callbacks (/home/mandeep/iqr/esurvey/node_modules/sails/node_modules/express/lib/router/index.js:164:37)
    at param (/home/mandeep/iqr/esurvey/node_modules/sails/node_modules/express/lib/router/index.js:138:11)
    at pass (/home/mandeep/iqr/esurvey/node_modules/sails/node_modules/express/lib/router/index.js:145:5) [TypeError: Object #<ServerResponse> has no method 'view']

However it works perfectly if I disable csrf. Any idea ?

Answer 1

This may be a timing issue where the _csrf field isn't parsed quickly enough if the uploaded file is very large. A possible workaround would be to send the CSRF token in a header instead of using a request parameter. You can do this by setting the X-CSRF-Token header in your request to the CSRF token value.

Answer 2

Another approach to this is to move the csrf hidden field in the form above the file input. Then it will be parsed by the server first.