Stack Overflow
Stack Overflow

Questions tagged [csrf-token]

Use this tag for questions related to csrf (Cross-site request forgery) that involves the generation of a token.

A csrf-token is a secret value added to a web form by the server and sent back by the user as part of a POST request, used to prevent cross-site request forgeries by making sure that the user sending the POST request has actually loaded the form.

466 questions
0
votes
0 answers

How do I get CSRFToken cookie in C#?

ok i might be dumb cause im the only one asking this kind of question since i saw no similar questions but excuse me for that :|. quarantine just keep making me tryna learn more programming languages, got nothin to do. sorry if i kept asking for…
Authorized
  • 53
  • 2
  • 7
0
votes
1 answer

Both rails applications have an CSRF authentication problem in my local dev environment

I have two rails applications. From one day to another both produce an ActionController::InvalidAuthenticityToken exception. I can call the login page, but when I try to login, the exception raises and in the console I find "Can't verify CSRF token…
Jochen Kunze
  • 583
  • 1
  • 5
  • 17
0
votes
1 answer

I get "ForbiddenError: invalid csrf token" when I try to use {cookie: { secure: true }} session configuration. How do I implement this?

I do not understand why this is not working. I get this "ForbiddenError: invalid csrf token" message rendered when i click login, but I read that the {cookie: {httpOnly: true, secure: true}} options must be enabled in the session in order to get a…
ce-loco
  • 262
  • 4
  • 10
0
votes
0 answers

I get a org.springframework.security.web.csrf.Invalid Csrf Token Exception while CSRF is disable feature is disabled

I call a HTTP post method first time, I catch an MissingCsrfTokenException because session is null, so I add bellow line to configuration .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.ALWAYS) after the change, I try again but at…
Mohammad Sadegh Rafiei
  • 486
  • 1
  • 5
  • 14
0
votes
0 answers

How to make AJAX request in CodeIgniter with csrf protection?

I'm trying to make an AJAX request with csrf protection ON. This is my code: View: var csrfName = "security->get_csrf_token_name(); ?>"; var csrfHash = "security->get_csrf_hash(); ?>"; $.ajax({ url …
Vahn
  • 542
  • 1
  • 10
  • 25
0
votes
1 answer

Django Template: Csrf token invalid for multiple post request in the same form

Im working on a Django project and got stuck in a problem that involve csrf token. I have a form that i handle the submit with javascript function, because in the same form i need to perform 2 POST. Form is something like that:
{% csrf_token…
sh3dir
  • 3
  • 3
0
votes
0 answers

CSRF - Instagram Account Login

Introduction Hi, I'm currently trying to develop a console application that sends requests to the instagram server for login. Problem I currently do not know how to modify the source code to use the CSRF token to log in with an Instagram…
Fuxaa
  • 1
  • 2
0
votes
1 answer

CSRF in Ionic with multi tenant and multiple domain JHipster backend

I have a JHipster multi tenant backend with domains like tenant[.env].domain.ltd with csrf enabled. We are making a mobile app with Ionic and this app can store authentications on several tenants. In this mobile app we set
jona303
  • 1,358
  • 1
  • 9
  • 27
0
votes
2 answers

Where should I generate the CSRF token?

I'm using csurf to handle CSRF tokens in my express application, but I don't know where I'm supposed to create the token. I can't use the sign-in route, because the req.csrfToken() function is not available. app.use(csrf({ cookie: true })) …
SpoKaPh
  • 167
  • 2
  • 12
0
votes
1 answer

Loging with python without form data

I want to login to site: 'https://portal.librus.pl/rodzina/synergia/loguj' with requests in python, unfortunately if you inspect and go to network settings it shows main method without 'form data', in addition it has csrftoken placed in script like…
KacperYZ
  • 1
0
votes
1 answer

CSRF Token in Mean Stack

I am not able to integrate CSRF token of express with XSRF TOKEN of Angular. I am using the given tutorial https://jasonwatmore.com/post/2020/09/08/nodejs-mysql-boilerplate-api-with-email-sign-up-verification-authentication-forgot-password. I know…
Ahsan Abdul Salam
  • 5
  • 4
0
votes
1 answer

AJAX request and csrf token

So from my cart page I want to rend an AJAX request to Django server. It is made to update the number of items in my cart and the checkout price. Here is my AJAX request $('.plus').click(function() { var productId =…
Nikita Prokaiev
  • 77
  • 5
0
votes
1 answer

Is CSRF Security Dependent on Front-End?

I'm trying to figure out if I completely understand CSRF security properly. Based on: https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html In all scenarios it seems like your frontend has to have the…
NightMNKY
  • 161
  • 2
  • 6
0
votes
1 answer

{% csrf_token %} printing as text from js file django

{% csrf_token %} printing as text from js file in Django the code is working if use it in script tag but when I try to use from an external js file it doesn't work HTML
BUILD YOUR RESUME
Vardhman Jain
  • 49
  • 4
0
votes
0 answers

How to handling csrf token in cookies in angular

TS constructor( private global: GlobalService ) { } login() { const data = { 'username': 'admin', 'password': 'admin@123' }; this.global.postData('users/', data).pipe(take(1)).subscribe((x: any) => { console.log(x); …
user13780186
1 2 3
30 31