Hi, Here is my csrf and cors handler of my vertx application
private final Set httpMethodSet = new HashSet<>(Arrays.asList(GET, POST, OPTIONS, PUT, DELETE, HEAD));
private final Set headerSet = new HashSet<>( Arrays.asList("Content-Type", "Authorization", "Origin", "Accept", "X-Requested-With", "Cookie", "X-XSRF-TOKEN"));
router.route().handler(CorsHandler.create("*").allowedMethods(httpMethodSet).allowedHeaders(headerSet).allowCredentials(true).addOrigin(consoleConfiguration.getFrontendUrl()));
router.route().handler( CSRFHandler.create(vertx, csrfSecret()).setCookieHttpOnly(false)) .handler(sessionHandler);
Everything works fine in my local but when deploying in VM I get
ctx.fail(403, new IllegalArgumentException("Token signature does not match"));
it happens on this validation
byte[] signature = BASE64.encode(saltPlusToken); if (!MessageDigest.isEqual(signature, tokens[2].getBytes(StandardCharsets.US_ASCII))) { ctx.fail(403, new IllegalArgumentException("Token signature does not match")); return false; }from csrf handler of vertx. Is there any ways to solve it.
--
You received this message because you are subscribed to the Google Groups "vert.x" group.
To unsubscribe from this group and stop receiving emails from it, send an email to vertx+un...@googlegroups.com.
To view this discussion on the web, visit https://groups.google.com/d/msgid/vertx/4ffd3dfb-e6e3-406a-a063-be4832c93ad5n%40googlegroups.com.