Yes. I was wondering what is the easiest way to make it work with a single page cljs/reagent app.
I was looking at: http://www.luminusweb.net/docs/security.md#cross_site_request_forgery_protection and the token is added via template ({% csrf-token %}). Anyway, disabling it is enough for the moment :-) Il giorno lunedì 15 dicembre 2014 10:00:29 UTC+1, Daniel Kersten ha scritto: > I guess you would have to manually add the token as a parameter to your ajax > call. > > > On Mon, 15 Dec 2014 08:50 Cesare <[email protected]> wrote: > Thank you so much Nico! > > I updated my handler.clj with the mk-defaults stuff and it works! > > > > Anyway, is it possible to perform the anti-forgery check with clj-ajax? > > > > Thanks again! > > > > Il giorno sabato 13 dicembre 2014 21:22:04 UTC+1, Nicolás Berger ha scritto: > > > Cesare, > > > > > > > > > lib-noir uses site-defaults from ring-defaults. site-defaults enables > > anti-forgery by default: > > https://github.com/ring-clojure/ring-defaults/blob/master/src/ring/middleware/defaults.clj#L45 > > > > > > > > > Until 0.9.1, lib-noir was assoc'ing {:anti-forgery false}. That's not true > > anymore: > > https://github.com/noir-clojure/lib-noir/commit/83203b12ab1421a8493301e492df6dd2ff0dabad > > > > > > > > > > > > luminus-template was updated to handle that change, doing the > > {:anti-forgery false} assoc by default. You can create a new luminus > > project, or take a look to the template to see how it's doing it: > > https://github.com/yogthos/luminus-template/blob/master/src/leiningen/new/luminus/handler.clj#L57-L69 > > > > > > > > > Hope it helps! > > > > > > > > > Nico > > > > > > > > > > > > > > > On Fri, Dec 12, 2014 at 8:58 AM, Cesare <[email protected]> wrote:Hi > > All, > > > > > > I'm not sure this is the right place to ask... anyway: I have a Luminus > > project with cljs template (Clojurescript + Reagent). > > > > > > > > > > > > After upgrading lib-noir (now at 0.9.5), it seems that the anti-forgery > > check is now enabled by default. > > > > > > > > > > > > How can I manage it from ClojureScript, in particular in ajax calls? > > > > > > > > > > > > At the moment I get the error "Invalid anti-forgery token" for POST calls. > > > > > > > > > > > > Thanks a lot > > > > > > Bye > > > > > > > > > > > > -- > > > > > > Note that posts from new members are moderated - please be patient with > > your first post. > > > > > > --- > > > > > > You received this message because you are subscribed to the Google Groups > > "ClojureScript" group. > > > > > > To unsubscribe from this group and stop receiving emails from it, send an > > email to [email protected]. > > > > > > To post to this group, send email to [email protected]. > > > > > > Visit this group at http://groups.google.com/group/clojurescript. > > > > -- > > Note that posts from new members are moderated - please be patient with your > first post. > > --- > > You received this message because you are subscribed to the Google Groups > "ClojureScript" group. > > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > > To post to this group, send email to [email protected]. > > Visit this group at http://groups.google.com/group/clojurescript. -- Note that posts from new members are moderated - please be patient with your first post. --- You received this message because you are subscribed to the Google Groups "ClojureScript" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/clojurescript.
