We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Request header Csrf-Token: undefined
ssr: false, security: { enabled: true, csrf: { // optional https: false, // default true if in production cookieKey: '', // "__Host-csrf" if https is true otherwise just "csrf" cookie: { // CookieSerializeOptions from unjs/cookie-es path: '/', httpOnly: true, sameSite: 'strict' }, methodsToProtect: ['POST', 'PUT', 'PATCH'], // the request methods we want CSRF protection for // excludedUrls: ['/nocsrf1', ['/nocsrf2/.*', 'i']], // any URLs we want to exclude from CSRF protection // encryptSecret: /** a 32 bits secret */, // random bytes by default encryptAlgorithm: 'aes-256-cbc' }, }
await useCsrfFetch('api/auth/signup', { body: payload, method: 'POST', }); const { csrf } = useCsrf(); // undefined
Cookie: csrf=3c8a73c6-690c-48f2-92b4-3b100ef352ae;
The text was updated successfully, but these errors were encountered:
It is for SSR only?
export function useCsrf() { const nuxtApp = useNuxtApp(); if (process.server) { const res = nuxtApp.ssrContext?.event.node.res ?? {}; if ("_csrftoken" in res) { nuxtApp.payload.csrfToken = res._csrftoken; } } return { csrf: nuxtApp.payload.csrfToken }; }
Sorry, something went wrong.
Hey,
In the current version yes, but just in time, the author of the package that provides CSRF for Nuxt Security have fixed that in Morgbn/nuxt-csurf#8
I will be bumping nuxt csurf in the upcominng 1.0.0 version of NuxtSecurity
Stay tuned!
Successfully merging a pull request may close this issue.
Request header
Csrf-Token: undefined
The text was updated successfully, but these errors were encountered: