I made a new app using the reagent template. In my app I have a form that I want to post back to the compojure host app. No problem, as I have before, I stuff the anti-forgery-token into a hidden field and... then remember the form is being rendered client side and the token isn't available.
No problem. I figured I would put the token into a tag in the page so that the client can pull it out. So,
To cut a long story short I finally noticed that the loading-page is a def of a static chunk of hiccup markup and not a defn of a function generating it. So at the point where it's rendered there is no session and, hence, no token.
But it took me quite a bit of faffing about checking things out before I honed in on the session as the problem and tried to dump out the session from the loading-page and realised what was up.
I may not be the brightest bulb on the landing but I figure this might unnecessarily trip up other people. I'm not sure if the answer is to use defn in the template or just add a comment that might be noticed by future developers but I thought I'd leave a note about it.
I made a new app using the reagent template. In my app I have a form that I want to post back to the compojure host app. No problem, as I have before, I stuff the anti-forgery-token into a hidden field and... then remember the form is being rendered client side and the token isn't available.
No problem. I figured I would put the token into a tag in the page so that the client can pull it out. So,
[:meta {:name "anti-forgery-token" :content *anti-forgery-token*}]
but... hrmm... the output was:
<meta content="Unbound: #'ring.middleware.anti-forgery/*anti-forgery-token*" name="anti-forgery-token">
To cut a long story short I finally noticed that the
loading-page
is adef
of a static chunk of hiccup markup and not adefn
of a function generating it. So at the point where it's rendered there is no session and, hence, no token.But it took me quite a bit of faffing about checking things out before I honed in on the session as the problem and tried to dump out the session from the
loading-page
and realised what was up.I may not be the brightest bulb on the landing but I figure this might unnecessarily trip up other people. I'm not sure if the answer is to use
defn
in the template or just add a comment that might be noticed by future developers but I thought I'd leave a note about it.