-
It seems as though the package only accounts for a token to come through. I am using laravel with inertiajs which uses the XSRF header and cookie but it doesn't seem like that will work. Am I missing …
-
### Describe the bug
In axios 1.6.7 i get token from breeze auth laravel 11.
`console.log('token '+r.config.headers["X-XSRF-TOKEN"])
localStorage.setItem(
"x-xsrf-token",
…
-
I noticed that FreshDNS is vulnerable to [Cross-Site Request Forgery](https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)), allowing an attacker to e.g. delete all zones on your server i…
-
## Summary
Users can't upgrade Elastic rules without customizations but with rule type change rule update preview flyout.
**Steps to reproduce:**
1. Setup the environment as described below
2. Open…
-
## Summary
Query bar for editing KQL/Lucene query allows to manage query filters. Some prebuilt rules have such filters. Saving query bar with filters leads to extra fields like `alias: null` appeari…
-
Right now we're using the notebook server config `c.NotebookApp.disable_check_xsrf` in jupyter_notebook_config.py, but this may not be a good solution long-term (line 72)
Maybe @web.authenticated f…
-
```
do buducnosti - chceme nejaky sposob, ako si podpisovat requesty a chceme
podpisovat kazdy post request, inak nam hrozi request forgery (i ked je to
trochu tazsie ako s get requestami, ale aj ta…
-
I'd like to argue that it's a misfeature at this point due to:
- cookie is always present, which makes things like caching harder
- it's really hard to get started for newcomers as GET/POST reques…
-
Any reason to not use xsrf_form_html? I believe we're not using Tornado's native XSRF protection at this time. Need to add `"xsrf_cookies": True,` into settings. More details [here](http://tornado.rea…
-
Hi.
Was checking your kick.com api wrapper but can't figure out how to get the XSRF_TOKEN, COOKIE & TOKEN. How do you get those?
Thanks