Fork me on GitHub
#biff
<
2022-11-15
>
m.q.warnock17:11:09

I'm getting a 403 for three out of four routes that seem like they're configured the same way. Any hints on debugging that?

m.q.warnock17:11:20

nevermind; I needed to wrap those inputs in a form. seems like a weird error for that

Jacob O'Bryant18:11:50

I'm guessing it's because biff/form adds a CSRF token--the 403 error is probably being thrown by ring.middleware.anti-forgery/wrap-anti-forgery. For debugging hints in general, when there's not anything useful in the terminal output, I often check the browser's network tab and inspect the request headers/body. e.g. in this case, if you compared the working request to one of the failed requests, maybe you'd see that the working one included a CSRF token. Might be worth having Biff throw a more specific error for this 🤷

👍 1
🙌 1
m.q.warnock18:11:19

I also discovered that I had an extra form being added by the ui element that did work, and when I added the outer form, I started getting a vector of two tokens. the error was confusing then too, but fortunately I had added a tap> to my own middleware

👌 1