quelsan
commented
5 years ago Closed quelsan closed 5 years ago
quelsan
commented
5 years ago 
jordan-wright
commented
5 years ago Thanks @quelsan! LGTM
The API client was appending an extra forward slash infront of all request paths, which caused the CSRF protection to trigger on state changing request. This commit fixes the issue.
Related issue in Gophish: https://github.com/gophish/gophish/issues/1506