-
-
Notifications
You must be signed in to change notification settings - Fork 11k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Problem Request Headers X-XSRF-TOKEN #6086
Comments
See https://github.com/axios/axios/releases You have to add "withXSRFToken" I did it in my react-app with laravel-backend as a default |
Thanks ! It works |
where should i add it in my nextjs app?? |
in Axios header or you can use
|
I have added it still i am getting same error with third party api calls. These api calls are breaking only after version upgrade of axios to 1.6.3. I don't know what is happening. Please take a look if it is possible. |
Describe the bug
I use Springboot 2.5.14 for Backend. The config manages the Cors and CSRF is enabled. When I request from frontend to the backend, it returns a cookie for XSRF-TOKEN and JSESSIONID.
For each request to backend, it sends the cookie with XSRF-TOKEN and JSESSIONID and other value for X-XSRF-TOKEN.
I have no problem with Axios: 1.5.0 . I upgraded to 1.6.2 for resolve security problem. I remarked when I push a Post request axios , cookie is sent and X-XSRF-TOKEN is missed. The Backend refuse the request and returns a message "Invalid CSRF Token 'null' was found on the request parameter '_csrf' or header 'X-XSRF-TOKEN" . I rewrite the body request Axios
axios({
method: "post",
url: apiUri + "/api/recherche",
data: {
nom :' TINTIN'
},
headers: { "X-XSRF-TOKEN": document.cookie.substring(11) },
});
return axios;
After request , cookies and X-XSRF-TOKEN values are sent , and BAckend launchs http 500 ERROR and the value of field non is empty
To Reproduce
No response
Code snippet
No response
Expected behavior
No response
Axios Version
1.6.2
Adapter Version
axios request
Browser
Mozilla Firefox , Chrome Google
Browser Version
119.0.1(64Bits) Mozilla -- 119.0.6045.124(64 bits) Chrome
Node.js Version
18.0.1
OS
window 10
Additional Library Versions
Additional context/Screenshots
No response
The text was updated successfully, but these errors were encountered: