Angular 2 send no CSRF Token (XSRF-TOKEN) in Header

[h.schind]

Hello,

Angular 2 sends no "XSRF-TOKEN" Header.
In my case I use Nancy Server which is sending an "NCSRF" Token. I use "providers: [{ provide: XSRFStrategy, useValue: new CookieXSRFStrategy('NCSRF', 'NCSRF') }]" in my core module.
The NCSRF cookie is set by Nancy. But Angular 2 sends no token in header.
In my RequestOptions I set "withCredentials: true". That works with the JWT Token well. And the "NCFS" is also send as "cookie" on each request.

But I think there must be an Header in my server request with name "X-XSRF-TOKEN" in default and in my case "NCSRF". I changed the header name for test.
"X-XSRF-TOKEN" as header name doesn't work too.

I work with angular-cli Version ""1.0.0-beta.17". Angular Version "2.0.0".

Have anybody an idea?


[Alexander Khromov]

Hi,
did you find some workaround here?
I think i have same issue.
In my case when i run application on lite server with 'npm start' this works and X-XSRF-TOKEN header is sending to BE server.
But when i bundle my angular2 application with systemjs-builder and deploy it to apache web server
this header is not sending but XSRF-TOKEN cookie ( i use default names ) is present in a browser.

[Lucas Lacroix]

It looks like you're using an extremely old version of angular. It is probably suggested that you upgrade.

Beyond that, try to reproduce your issue in a plunker. Otherwise, no one will be able to really tell you what is possibly wrong with your code.

--
You received this message because you are subscribed to the Google Groups "Angular and AngularJS discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to angular+u...@googlegroups.com.
To post to this group, send email to ang...@googlegroups.com.
Visit this group at https://groups.google.com/group/angular.
For more options, visit https://groups.google.com/d/optout.

--

Lucas Lacroix

Computer Scientist

Advanced Technology Division, MEDITECH

781-774-2293