Baroshem / nuxt-security

🛡 Automatically configure your app to follow OWASP security patterns and principles by using HTTP Headers and Middleware
https://nuxt-security.vercel.app/
MIT License

Disable CSRF functionality without a need to remove code (composable) #334

Status: Closed (genu closed this 2 months ago)

genu commented 6 months ago

Is your feature request related to a problem? Please describe.

When doing local development, it's often easier to disable some of the security features to speed up development. For example, I want to disable CSRF when I'm developing because I don't have to do a page refresh whenever I make changes to the server (changing the server causes a rebuild which produces a different CSRF token).

The current behavior is that when you set csrf: false it also seems to remove the autoimports for the useCsrf() composable, which produces errors. The same thing happens when setting enabled: false.

Describe the solution you'd like

I want to be able to disable features in the config without breaking the application or requiring me to update/change code.
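As an added illustration of the workflow described in this request (example code, not part of the issue and not nuxt-security's own API), the following shows how a developer can switch CSRF off for the local dev server only, with a build-time guard so the same switch can never reach production. The `enabled` and `csrf: false` options are the ones named in the thread; the `security` option shape, the `DISABLE_CSRF_LOCALLY` variable and the nuxt.config wiring are assumptions.

```typescript
// Added example, not code from nuxt-security or from this thread's participants.
// Assumes a `security` option block with `enabled: boolean` and `csrf: false | object`
// (both mentioned in the issue); the exact option shape is an assumption.
type SecurityOptions = {
  enabled: boolean;
  csrf: false | Record<string, unknown>;
};

// Builds the `security` section of nuxt.config. CSRF is turned off only when
// NODE_ENV is "development" AND the developer explicitly opts in with the
// hypothetical DISABLE_CSRF_LOCALLY=1, so a stray environment never silently
// disables protection.
export function buildSecurityOptions(
  env: Record<string, string | undefined>,
): SecurityOptions {
  const isDev = env.NODE_ENV === 'development';
  const optOut = env.DISABLE_CSRF_LOCALLY === '1';
  return {
    enabled: true,
    csrf: isDev && optOut ? false : {},
  };
}

// Build-time guard: refuse to start a production build with the module or
// its CSRF protection disabled. Returns true when the config is acceptable.
export function assertProductionSafe(
  opts: SecurityOptions,
  env: Record<string, string | undefined>,
): boolean {
  if (env.NODE_ENV === 'production' && (!opts.enabled || opts.csrf === false)) {
    throw new Error('nuxt-security: CSRF protection must not be disabled in production');
  }
  return true;
}

// Usage in nuxt.config.ts (hypothetical wiring):
//   const security = buildSecurityOptions(process.env);
//   assertProductionSafe(security, process.env);
//   export default defineNuxtConfig({ modules: ['nuxt-security'], security });
```

The two-variable gate (`NODE_ENV` plus an explicit opt-out) is deliberate: a developer's shell setting `NODE_ENV=development` alone does not turn CSRF off, and the guard makes a misconfigured CI job fail loudly rather than ship without the protection.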

Baroshem commented 6 months ago

Hey Buddy,

Thanks for reporting this idea!

I wonder how it could be implemented. I think that it could be delivered by the usage of the enabled flag as an addition to the built-in composables.

Would you like it to work for CSRF only or for anything else as well?

genu commented 6 months ago

For me, csrf is what I want to deal with, but I think similar situations can occur for any feature that adds auto imports.

Baroshem commented 6 months ago

I just checked the source code and tried a few things and it seems to me that implementing this won't be easy.

CSRF support comes from an external module nuxt-csurf. Because of that, I do not have control over the auto import process.

Maybe the better option would be to submit an issue in https://github.com/morgbn/nuxt-csurf and then, I could upgrade the version of this module so that it will be accessible for all Nuxt Security users?

genu commented 3 months ago

Looks like this was fixed upstream :)

Baroshem commented 3 months ago

Awesome, I will add it for the 1.3.0 plan :)