I'm having some trouble getting both these frameworks to use and verify csrf. Main problem is that angular's csrf is always undefined and csurf doesn't seem to verify any tokens at all (the app.post('/login') is always run successfully as though csurf was never integrated).
I'm having some trouble getting both these frameworks to use and verify csrf. Main problem is that angular's csrf is always
undefined
and csurf doesn't seem to verify any tokens at all (theapp.post('/login')
is always run successfully as though csurf was never integrated).Here is my attempt at getting a register form to use csrf: https://github.com/maplesap/csrf_test
You can run it with
node app.js
and then visit/register
to see the problem. Can anyone help?