Closed kaedub closed 2 years ago
So the anti-csrf token is tied to a specific session. You can't copy the token from one session and use it in another.
So in insomnia, you first need to clear all cookies (remove session from insomnia), then make any request to the backend. That will automatically create an anon session and set cookies in insomnia. You'll then need to get the correct anti-csrf token from that cookie in insomnia.
@flybayer thanks for the response. I guess I was just doing this wrong then. You can close this issue.
What is the problem?
I'm trying to test some functionality through a RPC route and am getting 401
CSRFTokenMismatchError
even though I have provided a validanti-csrf
token header.Paste all your error logs here:
Paste all relevant code snippets here:
Not sure if it's relevant, but I have a hardcoded access token in
seeds.ts
that, in a previous version of Blitz, I used to be able to use to make requests to the dev server API.Happens with all RPC routes so I have no other relevant code snippets.
What are detailed steps to reproduce this?
antiCSRFToken
in a React component.anti-csrf
header into Insomnia.Run
blitz -v
and paste the output here:Please include below any other applicable logs and screenshots that show your problem:
No response