GoBuffalo CSRF issue on production build
Question
When I run the application in development mode, I do not have this issue.
But when I build for production and run that binary and whenever I try to submit a form I get below error -
level=error time="2020-07-26T17:32:36+05:30" msg="CSRF token invalid" content_type=application/x-www-form-urlencoded duration="48.59µs" form="{\"ContactEmail\":[\"arunko350@gmail.com\"],\"ContactNumber\":[\"09738080932\"],\"Name\":[\"Arun Kolhapur\"],\"authenticity_token\":[\"N23TgN8v295iQwsNWCZySXCC2KFtv4CRkumqZ8jDIeXasV6iA10qaWl+RZ2SOxyg9JjjDzmpiIyPqH1c56eoBw==\"]}" human_size="0 B" method=POST params="{\"ContactEmail\":[\"arunko350@gmail.com\"],\"ContactNumber\":[\"09738080932\"],\"Name\":[\"Arun Kolhapur\"],\"authenticity_token\":[\"N23TgN8v295iQwsNWCZySXCC2KFtv4CRkumqZ8jDIeXasV6iA10qaWl+RZ2SOxyg9JjjDzmpiIyPqH1c56eoBw==\"]}" path=/organisations/ request_id=6922434a6f81d2c5891e-5a617ab03f631a1937f8 size=0 status=500
Please help.
1 answers
solution1
0 2020-08-20 03:57:32
I ran into this yesterday. I was running a Buffalo app in production, on HTTP. I found that the session cookies Buffalo was creating were marked Secure , so they weren't sent on non-HTTPS requests.
My solution was to get a Let's Encrypt HTTPS certificate and run my app in production mode over HTTPS.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.