expressjs / csurf Public

Notifications
Fork 206
Star 2.2k

Code
Issues 21
Pull requests 9
Actions
Security
Insights

Code
Issues
Pull requests
Actions
Security
Insights

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

21 Open 178 Closed

Author

Filter by author

Label

Filter by label

Use alt + click/return to exclude labels

or ⇧ + click/return for logical OR

Projects

Filter by project

Milestones

Filter by milestone

Assignee

Filter by who’s assigned

Sort

Sort by

Newest Oldest Most commented Least commented Recently updated Least recently updated

Most reactions

How I can validate csrf token one time with only a request question

#249 opened Dec 27, 2021 by longvd89

Occasional invalid CSRF tokens when using the SPA pattern awaiting more info

#247 opened Nov 17, 2021 by randomdross

Fetching csrf token from function not api route question

#245 opened Oct 25, 2021 by SKRILLEXIll

Hi, I'm trying to solve an approach I have with deferent servers.

#244 opened Sep 23, 2021 by jensysantana

Intermittent issue - "ForbiddenError: invalid csrf token". awaiting more info

#236 opened Mar 3, 2021 by Bala-Sutherson

3rd-party cookies blocked by Safari and Chrome on mobile

#235 opened Jan 26, 2021 by jrd656

Is it possible to set CSURF up with Postman?

#233 opened Jan 15, 2021 by jrd656

Skip csrf token some routes ref #21

#232 opened Dec 16, 2020 by standalone-coding

{ "message": "invalid csrf token" }

#226 opened Oct 28, 2020 by Ahsanbaloch

ForbiddenError: invalid csrf token when used behind a reverse proxy question

#214 opened May 29, 2020 by carlo161

csurf with appolo serve question

#212 opened Apr 26, 2020 by romainleduc

"ForbiddenError: invalid csrf token", but only sometimes. awaiting more info question

#204 opened Jan 7, 2020 by Monokai

Token Lifetime

#156 opened Jul 10, 2018 by ran-j

Feature add 'Encrypted Token Pattern' good first contribution

#121 opened May 20, 2017 by cmseaton42

per-page CSRF token support good first contribution

#120 opened May 10, 2017 by francisfernando

how to handle csurf function not being available on req object when a session store goes down discuss

#60 opened Mar 13, 2015 by kellyrmilligan

Remove cookie-parser requirement for double-submit cookies enhancement

#45 opened Jan 6, 2015 by dougwilson

Expose token validation function enhancement

#43 opened Dec 22, 2014 by jkrems

cookie option issues enhancement question

#14 opened May 28, 2014 by jonathanong 2.0.0

separating token creation and checking enhancement

#10 opened May 13, 2014 by mscdex 2.0.0

Always check CSRF token if request has body enhancement

#8 opened May 7, 2014 by dougwilson 2.0.0

ProTip! What’s not been updated in a month: updated:<2021-12-19.