minhaz

Can you test this with a very simple CI page and share the source generated with me?

Looking into it

@kanapuliAthavan this library works on a per request token model. Hence, for each request that gets successfully consumed, the token is reset and sent back with `cookie` header which w.r.t...

@kanapuliAthavan can you post here the screenshot of this request sent from network debugger? I am interested in headers and the params sent. Feel free to mask any confidential data.

is the project OSS, can you share more on how you did the integration?

@jimmy-p123 answers: 1. it's `30mins` by default. You can change it here: https://github.com/mebjas/CSRF-Protector-PHP/blob/master/libs/csrf/csrfprotector.php#L32 in your code. If you want to make it configurable, you can alter config file, and load...

@jimmy-p123 : for the cookie duration (1st part of it), could you resend a PR? As for other, amazing example. I get the issue: if there is a causality inconsistency...

@jimmy-p123 it is an interesting problem. Can you try replacing `libs/csrf/csrfprotector.php` with this https://gist.github.com/mebjas/df33433ec5584341d2f8b22d6fc67ccb and see if it works well for your case.

@jimmy-p123 status?

https://github.com/mebjas/CSRF-Protector-PHP/pull/78 closed, will send a new PR with corresponding changes. References mentioned in the PR comment.