Volneirj / project_v_ci_v1

0 stars 0 forks source link

Fix CSRF Token Cookie Issue for Secure POST Requests #27

Closed Volneirj closed 7 hours ago

Volneirj commented 8 hours ago

As a User of the web application, I want To perform actions that require CSRF-protected POST requests (e.g., adding items to the wishlist, submitting forms) without encountering a "403 Forbidden: CSRF token from POST incorrect" error. So that My interactions with the application are smooth, secure, and uninterrupted.

AC1 - The csrftoken cookie is set automatically when the user visits pages requiring CSRF-protected POST requests.

AC2 - No "403 Forbidden: CSRF token from POST incorrect" errors occur under normal user behavior.

AC2 - The application adheres to best practices for CSRF protection, including compatibility with browsers and cross-origin setups.

Volneirj commented 8 hours ago

Solution : Add @ensure_csrf_cookie Decorator:

Apply the @ensure_csrf_cookie decorator to views rendering forms or pages that perform CSRF-protected actions.

Volneirj commented 7 hours ago

Update: @ensure_csrf_cookie was added to views that might include forms or interactions requiring a CSRF token.