Fork me on GitHub
#luminus
<
2017-03-10
>
mruzekw14:03:22

Does anyone know why *anti-forgery-token* might become unbound for a subset of routes?

mruzekw14:03:37

It seems to be the case everywhere except the home page

mruzekw14:03:39

I’m using layout/render everywhere, so I’m not sure what the issue is

kauko14:03:35

Any reason luminus uses the naming convention projectname.test.core for tests? I'd have thought projectname.core-test is the standard, since that's what CIDER assumes 😛

kauko14:03:27

I know I'm nitpicking, just wondering 🙂

kauko14:03:04

cljs tests seem to follow the standard CIDER assumes

mruzekw16:03:49

Looks like I need to use the wrap-csrf middleware everywhere too

mruzekw17:03:38

I can’t seem to get CSRF to work with AJAX calls. I must be missing. Does the wrap-csrf middleware use sessions at all? I’m manually setting a token for that

yogthos22:03:48

@kauko I use Cursive myself, I wasn’t aware of the projectname.core-test convention in cider 🙂

yogthos22:03:57

@mruzekw csrf middleware should be wrapped by ring-defaults, when you do ajax calls, you have to add the csrf header

yogthos22:03:51

it should go under x-csrf-token

yogthos22:03:13

and the server should populate the value in the template when it serves the page