-
Hi.
Was checking your kick.com api wrapper but can't figure out how to get the XSRF_TOKEN, COOKIE & TOKEN. How do you get those?
Thanks
-
**Description**
I am integrating a 2FA flow within a Single Page Application (SPA) and have implemented an endpoint (GET /set_csrf_cookie) similar to Laravel Sanctum. This endpoint sets a CSRF-TOKE…
-
A somewhat more recent approach to CSRF is setting `samesite=strict` on a cookie. SameSite is handy because it allows the browser to enforce the same-site-ness of a request, without needing applicatio…
-
The xsrf cookie is not refreshed gracefully when it expires. Form-based applications will usually be OK since they will request a page with a fresh token before any form submission, but long-lived AJ…
-
When using jupyterhub-samlauthenticator with Jupyterhub 4.x I'm getting the following login error:
403 : Forbidden
'_xsrf' argument missing from POST
There is a similar issue reported by a some…
-
Loved your talk at https://www.youtube.com/watch?v=NRg-rsMEdQs
The code doesn't include the XSRF interceptor thing, or did I miss it?
Thanks!
-
## Description
When using JupyterLab + `jupyter_server` an attacker can pass a redirect using _xsrf HTTP param and cookie to bypass CORS checks (`c.ServerApp.allow_origin_pat`). Using `jupy…
-
## I'm submitting a...
[ ] Regression (a behavior that used to work and stopped working in a new release)
[X] Bug report
[ ] Feature request
[ ] Documentation issue or request
[ ] Supp…
-
Was just setting up and testing using the following code
```python
from typing import Annotated
from fastapi import FastAPI, Depends
from fastapi_nextauth_jwt import NextAuthJWT
from fastapi.mi…
```
-
A test failed on a tracked branch
```
AxiosError: Request failed with status code 500
at settle (node_modules/axios/lib/core/settle.js:19:12)
at IncomingMessage.handleStreamEnd (node_modules/…
```