Morgbn / nuxt-csurf

Nuxt Cross-Site Request Forgery (CSRF) Prevention
https://nuxt-csurf.vercel.app
MIT License

403 CSRF Token Mismatch after some time #27

Closed vacijj closed 8 months ago

vacijj commented 9 months ago

We use [nuxt-csurf](https://github.com/Morgbn/nuxt-csurf) implicitly via nuxt-security.

After visiting the application the CSRF tokens are valid and all forms (with server-side validation or submissions) work as expected.

If we keep the window open or use only client-side navigation, the CSRF token verification fails (403 CSRF Token Mismatch) after a while (approximately 10-15 minutes, not exactly measured), although the cookie __Host-csrf and the header Csrf-Token are still sent with the corresponding requests.

If the page is reloaded the requests work for another certain time again. The cookie remains the same, but the Csrf-Token gets updated.

nandita121189 commented 9 months ago

Any update on the above? I'm also getting a similar issue.

Morgbn commented 8 months ago

Hello, does this happen in production, or just in dev mode?

nandita121189 commented 8 months ago

This doesn't happen in dev mode. It happens in production mode, and intermittently at that. For example, the first call passes but the 2nd fails. Sometimes the second call passes even though the first had failed.

sathishzakapps commented 8 months ago

@nandita121189 Do you run your Nuxt app in multiple instances without session affinity? If so, I think we have a problem with this module!!!

sathishzakapps commented 8 months ago

@Morgbn We are facing the same kind of issue: we are running Nuxt instances on different machines and we run into the same problem. Do you have any workaround/implementation for this?

Morgbn commented 8 months ago

In the case of multiple instances behind a load balancer, sticky sessions may need to be activated (you can find more information on how to enable sticky sessions here).