From 3534233a76e31d4ecd4aa8b56fae4d730660755e Mon Sep 17 00:00:00 2001
From: Simon <simon.sessingoe@gmail.com>
Date: Sat, 9 Dec 2023 18:39:33 +0100
Subject: [PATCH] Fixed included triggering on other request-types than post

---
 src/Pecee/Http/Middleware/BaseCsrfVerifier.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/Pecee/Http/Middleware/BaseCsrfVerifier.php b/src/Pecee/Http/Middleware/BaseCsrfVerifier.php
index 7d26945..f9ce3fe 100644
--- a/src/Pecee/Http/Middleware/BaseCsrfVerifier.php
+++ b/src/Pecee/Http/Middleware/BaseCsrfVerifier.php
@@ -98,7 +98,7 @@ protected function skip(Request $request): bool
      */
     public function handle(Request $request): void
     {
-        if ($this->skip($request) === false && ($request->isPostBack() === true || $this->isIncluded($request) === true)) {
+        if ($this->skip($request) === false && ($request->isPostBack() === true || $request->isPostBack() === true && $this->isIncluded($request) === true)) {
 
             $token = $request->getInputHandler()->value(
                 static::POST_KEY,