Server config causing CSRF triggers |
The CSRF token is only verified when
Does your hardening turns every GET into a POST? If the request is not POST, then the 403 errors are due to some reason other than CSRF. When POSTing, the CSRF token_name/token_hash needs to be part of the posted data. |
Welcome Guest, Not a member yet? Register Sign In |