Open arvinddoraiswamy opened 10 years ago
Since .js files do not need a CSRF token I had added them to the excluded extensions array. But that caused .jsp to get ignored too. Need to improve regex.
Also make excluding extensions case insensitive.
Since .js files do not need a CSRF token I had added them to the excluded extensions array. But that caused .jsp to get ignored too. Need to improve regex.
Also make excluding extensions case insensitive.