Replies: 1 comment 2 replies
-
It depends on what you configured the CSRF header to be named. I'd assume that in your example code, the custom header is sent but itay not match the one that your API is expecting. Therefore, I'd check the browser devtools' network tab, double check the request headers, then see what header you've configured your API to expect |
Beta Was this translation helpful? Give feedback.
2 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
how to integrate CSRF Prevention in urql with yoga graphql?
https://the-guild.dev/graphql/yoga-server/docs/features/csrf-prevention
Beta Was this translation helpful? Give feedback.
All reactions