taoensso / sente

Realtime web comms library for Clojure/Script
https://www.taoensso.com/sente
Eclipse Public License 1.0

Expected CSRF issue when using figwheel? #320

Closed raymcdermott closed 1 year ago

raymcdermott commented 6 years ago

As you know, by default sente tries to connect to the host in the browser window, which is very convenient.

When using figwheel however the browser host points to the figwheel server and that gets sente confused, which is fair enough.

My solution was to add :host "localhost:9090" to the make-channel-socket-client! options map. That got me connected.

But I have a CSRF warning.

WARN [taoensso.sente:893] - SECURITY WARNING: no CSRF token available for use by Sente
Channel socket successfully established!: %s {:type :ws, :open? true, :ever-opened? true, :uid :taoensso.sente/nil-uid, :csrf-token nil, :handshake-data nil, :first-open? true}

I am using the default ring middleware defaults from the sample project setup.

It might be that this warning only pops up in development, in which case I can ignore it and move on, but it makes me a little nervous, so I hope that you folks don't mind me opening up the issue for the record (because Slack is too forgetful).

I could proxy the /chsk routes in figwheel if necessary but wondered if there is a simpler or more direct solution.

timothypratley commented 6 years ago

Hi @raymcdermott,

It sounds like you are actually running 2 servers; figwheel and another server on 9090. If that is the case, you must load your page from 9090 in order for CSRF to work. So instead of navigating to the figwheel hosted page (localhost:3449), just use the 9090 hosted page (localhost:9090) instead.

However, when you do that, be aware of this issue https://github.com/ptaoussanis/sente/issues/318. The ring site defaults do not send a CSRF token when serving a file. So if you have something like index.html it still won't work... The way I work around that is (wrap-defaults app-routes (dissoc site-defaults :static)) so that instead my (route/resources "/") handles the request with a CSRF token. Can you confirm whether you are loading the page from a file? Please try disabling the ring static middleware and loading from 9090 if so.

Alternatively you can tell figwheel to use a specific ring handler and use that instead of running the 9090 port, and then you don't need to run the 9090 server.

I hope that helps, let me know if you are still having trouble with it.
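
The two fixes described in this comment (serve the page from the same server that owns /chsk, and keep the static-file middleware from short-circuiting the page so the anti-forgery token is actually rendered) as one dev server, written as an added example for this thread rather than code from Sente or from either participant. It assumes http-kit as the Sente server adapter, Compojure for routing, port 9090, and a compiled client at /js/compiled/app.js; those are illustration choices, not requirements of the library.

```clojure
(ns example.server
  (:require [compojure.core :refer [defroutes GET POST]]
            [compojure.route :as route]
            [ring.middleware.defaults :refer [wrap-defaults site-defaults]]
            [ring.middleware.anti-forgery :refer [*anti-forgery-token*]]
            [taoensso.sente :as sente]
            [taoensso.sente.server-adapters.http-kit :refer [get-sch-adapter]]
            [org.httpkit.server :as http-kit]))

;; Standard Sente server-side setup: one channel socket, its Ring handlers
;; bound to vars so the routes below can reference them.
(let [{:keys [ch-recv send-fn connected-uids
              ajax-post-fn ajax-get-or-ws-handshake-fn]}
      (sente/make-channel-socket-server! (get-sch-adapter) {})]
  (def ring-ajax-post                ajax-post-fn)
  (def ring-ajax-get-or-ws-handshake ajax-get-or-ws-handshake-fn)
  (def ch-chsk                       ch-recv)
  (def chsk-send!                    send-fn)
  (def connected-uids                connected-uids))

(defn landing-page
  "Renders the page with the per-session anti-forgery token embedded.
   `*anti-forgery-token*` is bound by ring-anti-forgery (part of
   site-defaults); `force` works whether it is a plain string or a delay."
  [_req]
  (let [csrf-token (force *anti-forgery-token*)]
    (str "<!DOCTYPE html><html><head><meta charset=\"utf-8\"></head><body>"
         ;; Assumed convention: the client reads this attribute and passes it
         ;; as the csrf-token argument of make-channel-socket-client!.
         "<div id=\"sente-csrf-token\" data-csrf-token=\"" csrf-token "\"></div>"
         "<div id=\"app\"></div>"
         "<script src=\"/js/compiled/app.js\"></script>"
         "</body></html>")))

(defroutes app-routes
  (GET  "/"     req (landing-page req))
  (GET  "/chsk" req (ring-ajax-get-or-ws-handshake req))
  (POST "/chsk" req (ring-ajax-post req))
  ;; Compiled JS, CSS, etc. still come from resources/public, but through
  ;; our route rather than the :static middleware.
  (route/resources "/")
  (route/not-found "Not found"))

(def app
  ;; Drop :static so a stray resources/public/index.html cannot be served
  ;; ahead of `landing-page`; otherwise the browser gets a page with no token
  ;; and Sente logs "no CSRF token available for use by Sente".
  (wrap-defaults app-routes (dissoc site-defaults :static)))

(defn -main [& _]
  ;; Load the page from http://localhost:9090/, not from the figwheel port,
  ;; so the session cookie carrying the token belongs to the server that
  ;; validates it on the /chsk handshake.
  (http-kit/run-server app {:port 9090})
  (println "Listening on http://localhost:9090/"))
```

Two checks worth doing once this is running: the rendered HTML of / must contain a non-empty data-csrf-token, and the Sente handshake log line should show :csrf-token as a string rather than nil. For the single-server alternative mentioned above, lein-figwheel accepts the same var as :figwheel {:ring-handler example.server/app} in project.clj, so figwheel serves both the page and /chsk from its own port and the :host override in the client options is no longer needed.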

raymcdermott commented 6 years ago

Thanks. I understand the issue but want the client and server to be managed separately.

It turns out to only be a dev issue.

I do all the comms over WS so it's not really a problem for my use case.

timothypratley commented 6 years ago

Hi @raymcdermott

It sounds like you have an idea here that I'm not quite grasping... Could you please explain a bit more what you mean by "client and server to be managed separately" and why this only applies to dev?

ptaoussanis commented 1 year ago

Closing for inactivity, as part of issue triage. Please feel free to re-open if this issue is still relevant - thanks!