You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I had put wobserver behind a protected pipeline that included plug :protect_from_forgery (a wrapper around plug Plug.CSRFProtection) and could not get wobserver working at all (Safari would refuse to load the app.js for wobserver and the log would report a CSRF protection violation for cross-origin resources).
As soon as I removed :protect_from_forgery from the pipeline, wobserver worked just fine. It would be great to have documentation on how to enable CSRF protection, but at a minimum, users should be warned that wobserver is not currently compatible with Plug.CSRFProtection and :protect_from_forgery.
The text was updated successfully, but these errors were encountered:
I had put
wobserverbehind a protected pipeline that includedplug :protect_from_forgery(a wrapper aroundplug Plug.CSRFProtection) and could not getwobserverworking at all (Safari would refuse to load theapp.jsforwobserverand the log would report a CSRF protection violation for cross-origin resources).As soon as I removed
:protect_from_forgeryfrom the pipeline,wobserverworked just fine. It would be great to have documentation on how to enable CSRF protection, but at a minimum, users should be warned thatwobserveris not currently compatible withPlug.CSRFProtectionand:protect_from_forgery.The text was updated successfully, but these errors were encountered: