CSRF Token has been associated to this client" without disabling CSRF

Question

When I make a DELETE request from the client to the server, I come across with the error.

"CSRF Token has been associated to this client" . Response Code : 403 and Response Header

{
  "cache-control": "no-cache, no-store, max-age=0, must-revalidate",
  "content-length": "45",
  "content-type": "text/plain",
   "expires": "0",
  "pragma": "no-cache",
  "referrer-policy": "no-referrer",
  "x-content-type-options": "nosniff",
  "x-frame-options": "DENY",
 "x-xss-protection": "1 ; mode=block"
 }

After disabling CSRF from java code as you can see below, the problem is fixed.

  http.csrf( ).disable( );

But it is not secure to disable CSRF. Could you please help me not to get "CSRF Token has been associated to this client" error without disabling csrf ?

Thanks

score -1 · Answer 1 · answered Feb 11 '21 at 03:33

I also faced this issue and the easiest temporary solution I got is to disable web security in browser.

Create a directory

e.g.
/home/user/temp/google-chrome

Start chrome with web security disabled.

google-chrome --user-data-dir=/home/user/temp/google-chrome --disable-web-security

CSRF Token has been associated to this client" without disabling CSRF

1 Answers1