Re: [Haskell-cafe] Yesod CSRF token

On Wed, 17 Feb 2016 18:14:17 +0000 Geraldus wrote:

Can you share your code?

If you make your POST requests via forms make sure that you generation forms with Yesod functions, in this case it will insert hidden field with CSRF token to resulting form widget automatically. If you sending requests via XHR make sure to use `defaultCsrfMiddleware` from Yesod.Core.

Hope this helps.

ср, 17 февр. 2016 г. в 15:38, fr33domlover :

I'm using yesod-auth-hashdb. The default login form. And I'm using defaultCsrfMiddleware, it's used by default in the scaffolding template. --fr33