Skip to content

bug: Ensure CSRF tokens are URL-safe by updating base64 encoding #6

Description

@Mido-sys

Description

Including the / character in the authenticity token may trigger Cloudflare's OWASP-managed ruleset, causing otherwise valid requests to be flagged as security threats.

To Reproduce

No response

Additional Context

Details

Details
Paste the output of `buffalo info` here!

Metadata

Metadata

Assignees

Labels

Type

No type
No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions