Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(revert): httponly correction in CSRFMiddleware #3743

Merged
merged 1 commit into from
Sep 16, 2024

Conversation

cofin
Copy link
Member

@cofin cofin commented Sep 16, 2024

Reverts #3739

This is an incorrect usage of the protocol. The correct approach is to embed the csrf token within the form or template itself, so that it can be attached to the header.

@cofin cofin requested review from a team as code owners September 16, 2024 17:17
@github-actions github-actions bot added area/middleware This PR involves changes to the middleware size: small type/bug pr/internal labels Sep 16, 2024
@cofin cofin enabled auto-merge (squash) September 16, 2024 17:17
@cofin cofin merged commit 5a4bf20 into main Sep 16, 2024
24 checks passed
@cofin cofin deleted the revert-3739-csrf-httponly-cookietests branch September 16, 2024 17:21
Copy link

Copy link

Documentation preview will be available shortly at https://litestar-org.github.io/litestar-docs-preview/3743

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
area/middleware This PR involves changes to the middleware pr/internal size: small type/bug
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants