Hi!

Hope it's the right place to ask for help or/and advice.
Few days ago I switched to latest Tomcat 10.1.42.
After deyploy POST is not working due to missing CSRF token.
When I inspect HTTP request, CSRF token is in a payload as "_csrf" and the
value is correct.
But at the backend side I get

* AccessDeniedException = Invalid CSRF Token 'null' was found on the
request parameter '_csrf' or header 'X-XSRF-TOKEN'.*

Everything works fine with 10.1.39.
To be sure tried on 2 different Ubuntu servers - test and production
instance.

Anyone else having the same problem?

Some technical info:
- Ubuntu 24.04.2 LTS
- nginx/1.27.5 to handle SSL certificate
- Apache Tomcat 10.1.39 and 10.1.42
- Java 21
- Spring Boot 3.5.0

Thanks!

BR,
Hrvoje
-- 
*TheVegCat.com <https://thevegcat.com/>*
*VegCook.net <https://vegcook.net/>*
*horvoje.net <https://horvoje.net/>*

Reply via email to