Closed orb closed 13 years ago
The csrf header call here seems to duplicate the nexus call added here:
https://github.com/disqus/nexus/commit/ce8b32f0a1dfb20e8c9869379f889edd1b061217
When xhr.setRequestHeader is called multiple times, the browser sends a mangled token that looks like:
X-CSRFToken: [token], [token]
This fix simply removes the gargoyle token and allows nexus to take care of making sure the token exists.
The csrf header call here seems to duplicate the nexus call added here:
https://github.com/disqus/nexus/commit/ce8b32f0a1dfb20e8c9869379f889edd1b061217
When xhr.setRequestHeader is called multiple times, the browser sends a mangled token that looks like:
X-CSRFToken: [token], [token]
This fix simply removes the gargoyle token and allows nexus to take care of making sure the token exists.