CSRF checks fail with a standard EZproxy instance

A woman looking perplexed as her CSRF headers disappear in to the void
Photo by Annie Spratt on Unsplash

What’s going on

So what can you do

  1. reach out to all your customers who use a proxy and ask them nicely to update their proxy configurations
  2. implement a workaround where you pass the CSRF token to the server a different way and rewrite or extend your framework’s CSRF validation middleware to handle it
  3. turn off CSRF validation

--

--

--

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Secure a Github Webhook with Node.js | Dev Extent

How I Created My Own Search City and Country APIs

Double-Quoted Strings Are Binaries

React fetch data from an API using hooks

Implement Google Maps into your React Project

First Steps in Frontend Testing with TDD/BDD, Part II

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Tim Barclay

Tim Barclay

More from Medium

NodeJS vs AngularJS: Which is The Best For Your Project?

Firebase Auth Using Vue.js

Greppy: A Lightweight Perl/PHP Website Search Engine Based on Grep

GNU Grep

Using a Monorepo to Increase Sharing