No matter what I do, the cookie is still called XSRF-TOKEN.
Background: My actual problem is that I'm sharing some cookies via the subdomain so .example.de in the frontend but another application also has a XSRF-TOKEN so in my requests to my backend it uses the wrong XSRF-Token because they are called the same... That's why I've tried to set ' includeSubDomains' to false, but it didn't help.
Hey there.
I'm working on a legacy system and need to change the name of the CSRF-Token. I have tried many different options, but nothing seems to work.
No matter what I do, the cookie is still called
XSRF-TOKEN
.Background: My actual problem is that I'm sharing some cookies via the subdomain so
.example.de
in the frontend but another application also has a XSRF-TOKEN so in my requests to my backend it uses the wrong XSRF-Token because they are called the same... That's why I've tried to set ' includeSubDomains' to false, but it didn't help.