Closed AmitKB closed 2 years ago
A post route handler is called by Azure AD as a result of authentication POST response. Is it possible to exclude CSRF check for such route?
You can instead do something like this:
app.use((ctx, next) => { // detect if it's docker if (isDocker) return next(); return new CSRF({ ... })(ctx, next); });
A post route handler is called by Azure AD as a result of authentication POST response. Is it possible to exclude CSRF check for such route?