reagent-project / reagent-template

A Leiningen template for projects using Reagent.
MIT License

anti-forgery-token shenanigans #122

Closed mmower closed 7 years ago

mmower commented 7 years ago

I made a new app using the reagent template. In my app I have a form that I want to post back to the compojure host app. No problem, as I have before, I stuff the anti-forgery-token into a hidden field and... then remember the form is being rendered client side and the token isn't available.

No problem. I figured I would put the token into a tag in the page so that the client can pull it out. So,

[:meta {:name "anti-forgery-token" :content *anti-forgery-token*}]

but... hrmm... the output was:

<meta content="Unbound: #&apos;ring.middleware.anti-forgery/*anti-forgery-token*" name="anti-forgery-token">

To cut a long story short I finally noticed that the loading-page is a def of a static chunk of hiccup markup and not a defn of a function generating it. So at the point where it's rendered there is no session and, hence, no token.

But it took me quite a bit of faffing about checking things out before I honed in on the session as the problem and tried to dump out the session from the loading-page and realised what was up.

I may not be the brightest bulb on the landing but I figure this might unnecessarily trip up other people. I'm not sure if the answer is to use defn in the template or just add a comment that might be noticed by future developers but I thought I'd leave a note about it.

yogthos commented 7 years ago

Yeah I agree that's definitely not obvious, and using a defn would be the best way to go here. I just pushed out a new version with the fix.
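The def-versus-defn behaviour discussed in this thread, as an added example that is not code from the template or from any commenter: it shows why markup built with `def` captures the unbound var while `defn` picks up the per-request token. Assumptions: `*anti-forgery-token*` and `wrap-token` here are local stand-ins for the Ring var and middleware so the file runs without dependencies, `str` stands in for hiccup's rendering of the attribute, and the token value is constructed.

```clojure
(ns example.csrf-def-vs-defn)

;; Stand-in for ring.middleware.anti-forgery/*anti-forgery-token*:
;; a dynamic var declared without a root value, so it is unbound
;; outside of a `binding` form.
(def ^:dynamic *anti-forgery-token*)

;; Stand-in for the anti-forgery middleware: binds the token only
;; while the wrapped handler runs. The token is a constructed sample.
(defn wrap-token [handler]
  (fn [request]
    (binding [*anti-forgery-token* (:sample-token request)]
      (handler request))))

;; Before: `def` evaluates the hiccup once, at namespace load time,
;; when no request (and so no binding) exists. The unbound var's
;; placeholder object is captured in the markup permanently.
(def loading-page-static
  [:meta {:name "anti-forgery-token" :content (str *anti-forgery-token*)}])

;; After: `defn` defers evaluation until the handler calls it,
;; which happens inside the middleware's binding.
(defn loading-page []
  [:meta {:name "anti-forgery-token" :content (str *anti-forgery-token*)}])

(def static-handler  (wrap-token (fn [_] loading-page-static)))
(def dynamic-handler (wrap-token (fn [_] (loading-page))))

;; Pull the :content attribute out of a [:meta {...}] hiccup vector.
(defn token-in [[_ attrs]] (:content attrs))

(defn -main [& _]
  (let [req {:sample-token "constructed-token-123"}]
    (println "def :" (token-in (static-handler req)))
    (println "defn:" (token-in (dynamic-handler req)))
    ;; Regression check worth keeping in a test suite: the rendered
    ;; token must equal the one bound for this request.
    (assert (= "constructed-token-123" (token-in (dynamic-handler req))))
    (assert (not= "constructed-token-123" (token-in (static-handler req))))))

(-main)
```

A test that renders the page through the full middleware stack and compares the emitted token with the session's token catches this class of mistake before a client ever posts a form with an invalid value.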

yogthos commented 7 years ago

Sounds like we could close this one? :)

alehatsman commented 7 years ago

@yogthos Let's close it.

yogthos commented 7 years ago

👍