Problem Request Headers X-XSRF-TOKEN
Describe the bug
I use Spring Boot 2.5.14 for the backend. The config manages CORS, and CSRF is enabled. When I send a request from the frontend to the backend, it returns a cookie with XSRF-TOKEN and JSESSIONID. For each request to the backend, it sends the cookie with XSRF-TOKEN and JSESSIONID and another value for X-XSRF-TOKEN.
I have no problem with Axios 1.5.0. I upgraded to 1.6.2 to resolve a security problem. I noticed that when I send a POST request with axios, the cookie is sent and X-XSRF-TOKEN is missing. The backend refuses the request and returns the message "Invalid CSRF Token 'null' was found on the request parameter '_csrf' or header 'X-XSRF-TOKEN". I rewrote the Axios request:
axios({
  method: "post",
  url: apiUri + "/api/recherche",
  data: { nom: ' TINTIN' },
  headers: { "X-XSRF-TOKEN": document.cookie.substring(11) },
});
return axios;
After the request, the cookies and X-XSRF-TOKEN values are sent, and the backend returns an HTTP 500 error and the value of the field nom is empty.
To Reproduce
No response
Code snippet
No response
Expected behavior
No response
Axios Version
1.6.2
Adapter Version
axios request
Browser
Mozilla Firefox , Chrome Google
Browser Version
119.0.1(64Bits) Mozilla -- 119.0.6045.124(64 bits) Chrome
Node.js Version
18.0.1
OS
Windows 10
Additional Library Versions
Vue JS 3 -- VITE 6 Springboot ---Springboot 2.5.14
Additional context/Screenshots
No response
See https://github.com/axios/axios/releases
You have to add "withXSRFToken"
I did it in my react-app with laravel-backend as a default
axios.defaults.withXSRFToken = true;
Thanks! It works
Where should I add it in my Next.js app??
Where should I add it in my Next.js app??
In the Axios header, or you can use
axios.defaults.withXSRFToken = true
@anwarhossain1
I have added it, but I am still getting the same error with third-party API calls. These API calls have been breaking only since the version upgrade of axios to 1.6.3. I don't know what is happening. Please take a look if possible.
Change your server port to 'localhost:800'. To do that, use the 'php artisan serve --host=localhost --port=8000' command.
We added an option to allow the old behaviour, please check the docs.
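Added example, not code from this thread or from axios: when the X-XSRF-TOKEN header is set by hand, as in the workaround in the issue, the cookie should be looked up by name, because a fixed offset such as `document.cookie.substring(11)` only yields the token when XSRF-TOKEN is the sole cookie visible to script. The cookie values and the helper names `tokenByOffset`, `readCookie` and `postConfig` are constructed for illustration; the thread's `withXSRFToken` setting remains the alternative that lets axios set the header itself.

```javascript
// Added example; cookie values below are constructed, not taken from the thread.
const ONLY_TOKEN = "XSRF-TOKEN=3f2a9c1e-demo";
const OTHER_FIRST = "lang=fr; XSRF-TOKEN=3f2a9c1e-demo";

// Fixed-offset extraction as in the workaround quoted in the issue.
// It skips 11 characters, the length of "XSRF-TOKEN=".
function tokenByOffset(cookieString) {
  return cookieString.substring(11);
}

// Look the cookie up by exact name in a document.cookie-style string.
// Returns the URL-decoded value, or null when the cookie is absent.
function readCookie(cookieString, name) {
  for (const part of cookieString.split(";")) {
    const pair = part.trim();
    const eq = pair.indexOf("=");
    if (eq === -1 || pair.slice(0, eq) !== name) continue;
    const raw = pair.slice(eq + 1);
    try {
      return decodeURIComponent(raw);
    } catch (e) {
      return raw; // malformed percent-encoding: pass the raw value through
    }
  }
  return null;
}

// Build an axios request config (hypothetical helper) that carries the token
// explicitly. It refuses to build a request when no token cookie exists,
// instead of sending an empty or wrong header.
function postConfig(cookieString, url, data) {
  const token = readCookie(cookieString, "XSRF-TOKEN");
  if (token === null) {
    throw new Error("XSRF-TOKEN cookie not present");
  }
  return {
    method: "post",
    url,
    data,
    withCredentials: true, // send the session and XSRF cookies with the request
    headers: { "X-XSRF-TOKEN": token },
  };
}

// In a browser: axios(postConfig(document.cookie, apiUri + "/api/recherche", { nom: "TINTIN" }))
```

With `OTHER_FIRST`, the fixed offset returns a fragment of the cookie string rather than the token, which the backend's CSRF check will reject.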