lusca icon indicating copy to clipboard operation
lusca copied to clipboard

Published 20 hours ago verified publisher icon krakenjs

set csrf token on response for bypassed POST urls

Open aravindsrivats opened this issue 3 years ago • 0 comments

When a URL is added to be bypassed, CSRF is not set in the response which leads to subsequent POST requests throwing a 403. This change sets the CSRF token in res.locals before bypassing the validation.

Fixes - https://github.com/krakenjs/lusca/issues/142

aravindsrivats avatar Dec 10 '21 06:12 aravindsrivats