search

whitecube / laravel-cookie-consent

Register, configure and ask for cookies consent in a EU-compliant way
MIT License
312 stars 37 forks source link

CSRF middleware exception needed for some endpoint #18

Closed gaud2029 closed 10 months ago

gaud2029 commented 10 months ago

the accept-all and essentials are using content-type text/html. it's not inject any csrf token information in the call so the calls is redirected with a 302.

You need to add these endpoint to the csrf middleware exceptions list.

toonvandenbos commented 10 months ago

Hi @gaud2029,

Could you elaborate? Thanks.

gaud2029 commented 10 months ago

I cannot reproduce the problem I had anymore so I guess this can be closed.

Basically some request were made as "application/json" and some other were made as "text/html"

I was having a 302 redirect and noticed that the request went through when I was adding those endpoint to the CSRF middleware exceptions array.

The only endpoint that was working was the "configure" endpoint.