Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
S
S
syndarva2021-04-22 18:49:09
CSRF
syndarva, 2021-04-22 18:49:09

Do I need to enable CSRF for a SPA site?

Good afternoon. There is a front on Vue + Nuxt and a back on Laravel. Sanctum stands as a backing defense. Some POST requests require authorization, some do not. Do I need to set a CSRF token for all requests, or does Sanctum protect users enough?
Important comment: I don't use Laravel Blade.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

3 answer(s)
Report
V
Vladislav Lyskov, 2021-04-22
@Vlatqa

No
UPD: go through the comments to this question Laravel + Nuxt: How to overcome error 419 - CSRF token mismatch?

Report
G
gomerIT, 2021-04-22
@gomerIT

No cookies - no csrf.

Report
S
Speakermen, 2021-04-22
@Speakermen

I think that yes, I'll look at the answers of more experienced ones, since I'm a coder. On laracaste, Laravel Authentication (Breeze, Jetstream, Fortify) is used for spa . There, a project was launched separately on vue and laravel on different ports About storing JWT tokens in browsers

Similar questions
A
Alexander Yelagin2016-05-10 23:27:28
Why doesn't Angularjs send CSRF-Token in request headers in Firefox browser? 1Reply
N
naneri2014-08-12 11:05:19
How to rewrite CSRF filter in Laravel for Angular? 2Reply
K
Kirill Nesmeyanov2014-11-07 13:23:21
Why is csrf not put in a cookie? 3Reply
D
Den26262019-08-13 22:08:17
How to get a token if there is a CSRF Token in the form? 4Reply
K
KamilFo2015-03-22 15:53:49
Where to store the contents of the CSRF token in the Backbone client? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question