Stack Overflow
Stack Overflow

Questions tagged [csrf-token]

Use this tag for questions related to csrf (Cross-site request forgery) that involves the generation of a token.

A csrf-token is a secret value added to a web form by the server and sent back by the user as part of a POST request, used to prevent cross-site request forgeries by making sure that the user sending the POST request has actually loaded the form.

466 questions
0
votes
0 answers

Laravel 6 X-CSRF-Token mismatch on ajax calls

I have spent nearly 2 days trying to solve this CSRF Token Mismatch issue. I have an app running on laravel 4.2 and it has no issues with Ajax calls. I have migrated the site to Laravel 6 but I am having issues with Ajax calls. I checked the site…
bodi87
  • 501
  • 1
  • 6
  • 18
0
votes
0 answers

Page Expires immediately in laravel website hosted in shared host

I have deployed my laravel website in a shared web hosting service provider. All other pages are working except pages like login, and register pages. The pages expire immediately i click the send button. The same pages are working properly on my…
Simbi Lewis
  • 1
  • 1
0
votes
1 answer

form.validate_on_submit(): and {{ form.csrf_token }} not working in a view.html with two forms

In http://127.0.0.1:5000/: If defaults are "0", message in each field: "This field is required". There are the message "csrf_token CSRF Token" above "compute0" and "compute1". Only compute0 works. click on compute0 shows the resulted. click on…
An 225
  • 3
  • 2
0
votes
1 answer

cakephp CSRF token Bypass

I am very new to PHP and having little knowledge about cakePHP I am trying to pass some sensitive information using POST method from site1.com to site2.com. But the Problem is with CSRF protection at site2.com, it shows CSRF token Mismatch whenever…
Neela Kanta
  • 1
0
votes
0 answers

CSRF verification failed. Request aborted. Reason given for failure: CSRF token missing or incorrect. Using Django

I keep getting the message and have tried/ made sure: My browser is accepting cookies That the view function passes a request to the template's render method in the Views.py file: Views.py File ## **from django.shortcuts import render,…
GoodKids
  • 11
  • 3
0
votes
1 answer

CSRF token to delete Airflow Dag in airflow UI using REST API call

The Purpose is to delete airflow dag from UI with rest api call. I tried the api call .../delete?dag_id= ,this rest call fails saying CSRF token is missing. How to get CSRF token from airflow server ? or is there a better way to delete dag…
Hemanth Kumar
  • 1
0
votes
1 answer

Laravel CSRF token mismatch exception. Sending "Put" request to a resource route via jQuery ajax

I am in a need to send a PUT request to a resource Route defined as : Route::resource('posts','PostController'); My code works fine like this : var data = $(this).serializeArray(); data.push( {name:'_token',value:"{{…
Sijan Bhattarai
  • 570
  • 2
  • 6
  • 25
0
votes
0 answers

What is the correct way for a client to store a CSRF token?

I make a call to a server on the /login endpoint, and it returns a session cookie as well as CSRF token in the return values (cannot store this as a cookie as it is not secure). Where can I store the CSRF value on the client so I can use it in my…
Andrew
  • 6,295
  • 11
  • 56
  • 95
0
votes
1 answer

Imperavi article editor token missmatch while uploading image

I don't usually post unless i get frustrated. I have been using Imperavi Article and unable to use it with VueJS. Following is the code for sending CSRF-TOKEN, but i keep getting error 419, token miss match. I am unable to solve this issue. I've…
manshu
  • 1,095
  • 2
  • 13
  • 28
0
votes
0 answers

How to exempt csrf token in flask application factory

I am using flask's application factory and I am trying to exempt a route. If I put csrf.exempt(team_routes.team_bp) it works, but I only need to exempt the team_bp.stat route. I have tried csrf.exempt(team_routes.team_bp.team_stats) csrf =…
user3525290
  • 1,557
  • 2
  • 20
  • 47
0
votes
1 answer

Codeigniter 3 multiple forms with ajax and csrf tokens working on one form only

I have admin page with multiple settings, each setting have different form in different tab. I am using ajax and to save data, and i didn't had any problems so far with csrf token when i had only one form on a page, or when i disable csrf token. On…
Mario
  • 518
  • 2
  • 19
0
votes
1 answer

How can I authenticate browser GET requests for an Express web app running on Firebase Cloud Functions?

I'm working on a web app running on firebase services. I've created an express back-end running on Firebase Cloud Functions and hosted on Firebase Hosting. I am trying to add authentication so only users with permissions can access admin pages. I…
xy coord
  • 1
0
votes
0 answers

python requests: problem with getting a request with www.ah.nl/mijn/inloggen

this is my code: import pygame import time from _thread import * import requests pygame.init() headers = { 'user-agent': 'Mozilla/5.0 (X11; CrOS x86_64 12871.91.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.127…
jpokemon
  • 1
0
votes
0 answers

Laravel CSRF token extend expiration lifetime beyond 2 hours

I hope you will help me in an issue seems to be common and not with a clear and simple solution. Here my case. I have Laravel project where users authenticate in their own pages. Here, there are some bootstrap modal with forms and CSRF token which…
Echecivuole
  • 93
  • 1
  • 11
0
votes
0 answers

Can I use a CSRF Token to authorize a session?

I have a website whose frontend sends a request with a CSRF token and I am storing it in the backend. I will use it verify users and prefill the data in some fields like email and name or even take him to a page where he left off. Is it the correct…
mohammed_ayaz
  • 620
  • 11
  • 16
1 2 3
30 31