-
```
Traceback (most recent call last):
File "/base/alloc/tmpfs/dynamic_runtimes/python27/8882c914eb6132e9_unzipped/python27_lib/versions/third_party/webapp2-2.3/webapp2.py", line 1505, in __call__…
-
From the angular documentation I see this-
When performing XHR requests, the $http service reads a token from a cookie called XSRF-TOKEN and sets it as the HTTP header X-XSRF-TOKEN
Is this true in ca…
-
Hi Master,
followed the step to configure, but can't login with Error: 401,undefined, may I know any missing
-
I am building a new Frontend for the ots api but at each turn i am getting "invalid token" and "unauthorized as response"
what could be the issue i habve attached my code below. This smae request w…
-
Tracking issue for:
- [ ] https://github.com/partidodev/partido-server/security/code-scanning/1
Guide: https://www.baeldung.com/csrf-stateless-rest-api#enable-csrf-protection-with-rest-api
-
**XSRF** issue exists @ **root/register.jsp** in branch **master**
*Method = at line 7 of root\register.jsp gets a parameter from a user request from ""password1"". This paramet…
-
**Do you want to request a *feature* or report a *bug*?**
*bug*
**What is the current behavior?**
After the Power BI Report Server January 2022 release, RsRest methods have started issuing a warn…
-
A test failed on a tracked branch
```
AxiosError: Request failed with status code 500
at settle (node_modules/axios/lib/core/settle.js:19:12)
at IncomingMessage.handleStreamEnd (node_modules/…
-
[OWASP recommends](https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html#login-csrf) to generate a new CSRF token after authentication:
> Remember th…
-
While writing some docs for the API, I saw that many endpoints do not need a csrf-token that maybe should need one. While a simple `/logout` just disturbs the user, a `DELETE /history` might produce s…