Closed laymonage closed 1 year ago
If a new visitor visits the website without encountering any forms/page that includes a CSRF token, the CSRF token cookie is never set. Meanwhile, we rely on the cookie to handle the processing of the feedback form: https://github.com/wagtail/guide/blob/main/apps/frontend/static_src/js/feedback/index.js
but, no CSRF token is rendered in the HTML:
https://github.com/wagtail/guide/blob/main/apps/core/templates/components/feedback.html
Thus, the feedback form doesn't work, unless you've visited a page with a form that includes the CSRF token (e.g. /admin/)
/admin/
If a new visitor visits the website without encountering any forms/page that includes a CSRF token, the CSRF token cookie is never set. Meanwhile, we rely on the cookie to handle the processing of the feedback form: https://github.com/wagtail/guide/blob/main/apps/frontend/static_src/js/feedback/index.js
but, no CSRF token is rendered in the HTML:
https://github.com/wagtail/guide/blob/main/apps/core/templates/components/feedback.html
Thus, the feedback form doesn't work, unless you've visited a page with a form that includes the CSRF token (e.g.
/admin/)