Quote:- I've hardened my FAMP stack and one or more of those customizations triggers CSRF in CI 3.1.2.
- I need to debug to get down to what exactly is causing the issue.
Put die statements in the core/Security class and log it step by step. You aren't triggering CSRF you're breaking it. I'd guess it's related to cookies because CSRF is pretty simple in how it works.