[legacy-framework] Fix CSRFTokenMissmatch error for anonymous sessions after significant time of inactivity #2762

Merged: 4 commits merged into canary on Oct 2, 2021

flybayer
Member

Closes: blitz-js/legacy-framework#304

What are the changes and their implications?

This fixes an issue where the anticsrf cookie is deleted after some days by various browsers. We still send the anticsrf value to the client via a cookie, but now we move that value into localStorage, where it won't be automatically removed by the browser.

Bug Checklist

  • covered by existing tests
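
The client-side flow described above, as an added example that is not part of the pull request or the framework's code: a token delivered by cookie is mirrored into localStorage and read back from there once the browser has expired the cookie. The cookie name, storage key, header name and all function names are hypothetical, and preferring the cookie over the stored copy is a choice made for this example.

```javascript
// Added illustration; not the framework's code. All names below are hypothetical.
const COOKIE_NAME = "example_anticsrf"; // assumed cookie name
const STORAGE_KEY = "example_anticsrf"; // assumed localStorage key
const HEADER_NAME = "x-example-anti-csrf"; // assumed request header

// Extract one value from a document.cookie-style string ("a=1; b=2").
function readCookie(cookieString, name) {
  for (const part of cookieString.split(";")) {
    const eq = part.indexOf("=");
    if (eq === -1) continue;
    if (part.slice(0, eq).trim() !== name) continue;
    try {
      return decodeURIComponent(part.slice(eq + 1).trim());
    } catch {
      return null; // malformed percent-encoding: treat as absent
    }
  }
  return null;
}

// Prefer the cookie (in this example, the freshest copy) and mirror it into
// storage; if the browser has expired the cookie, use the stored copy.
function syncAntiCsrfToken(cookieString, storage) {
  const fromCookie = readCookie(cookieString, COOKIE_NAME);
  if (!fromCookie) return storage.getItem(STORAGE_KEY);
  if (storage.getItem(STORAGE_KEY) !== fromCookie) {
    storage.setItem(STORAGE_KEY, fromCookie);
  }
  return fromCookie;
}

// Headers to attach to a state-changing request.
function csrfHeaders(cookieString, storage) {
  const token = syncAntiCsrfToken(cookieString, storage);
  return token ? { [HEADER_NAME]: token } : {};
}

// In-memory stand-in for window.localStorage so the example runs in Node.
function memoryStorage() {
  const items = new Map();
  return {
    getItem: (k) => (items.has(k) ? items.get(k) : null),
    setItem: (k, v) => void items.set(k, String(v)),
  };
}
```

In a browser the call would be `csrfHeaders(document.cookie, window.localStorage)`. The stored value is readable by any script running on the origin, as the JavaScript-readable cookie already was.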

kodiakhq bot previously approved these changes Sep 29, 2021
@flybayer changed the title from "store anticsrf value in localstorage" to "Fix CSRFTokenMissmatch error for anonymous sessions after significant time of inactivity." Sep 29, 2021
@flybayer changed the title from "Fix CSRFTokenMissmatch error for anonymous sessions after significant time of inactivity." to "Fix CSRFTokenMissmatch error for anonymous sessions after significant time of inactivity" Sep 29, 2021
kodiakhq bot previously approved these changes Oct 2, 2021
@flybayer merged commit 25782cd into canary Oct 2, 2021
@flybayer deleted the 2718 branch October 2, 2021 16:28
@itsdillon changed the title from "Fix CSRFTokenMissmatch error for anonymous sessions after significant time of inactivity" to "[legacy-framework] Fix CSRFTokenMissmatch error for anonymous sessions after significant time of inactivity" Jul 7, 2022
Successfully merging this pull request may close these issues.

CSRFTokenMissmatch for anonymous sessions