New posts

Compatibility for CSRF protection & Cloudflare full HTML page caching

Thread starter eva2000
Start date Apr 5, 2025

Visitor Greeting

Welcome to NullWarehouse.com... We are currently seeking Mod's and Contributors. If you wish to apply for a Mod position then please click on Members dropdown arrow, then click on Staff App and fill it out completely and submit it. If you want to be a Contributor then start contributing and we will have our eye on you and take notice, something great could come of it.

We have redone the forum. If you notice any issues or errors please open a Support Ticket under the Members dropdown and let us know.

Got something to Advertise? Do it here for just $15.00/mo

eva2000

Guest

Apr 5, 2025

I'm curious if there's any better way for CSRF protection that would work with Cloudflare or other CDN's guest full HTML page caching which uses cookies to differentiate between logged in/logged out guest users?

The issue that arises with Xenforo 2.x in CSRF and full page HTML caching is similar to the one outlined by Cloudflare for Magento and includes the workaround Magento did at blog.cloudflare.com. Easy work around for...

Read more

Continue reading...

Change sub-forum icon

CSRF token not always updated with XF.KeepAlive.refresh()

You must log in or register to reply here.

C	PWA Improvements and Enhanced CSRF Protection Chris D Apr 5, 2025 Xenforo RSS Feed
X	php 8.4+ compatibility Xon Dec 13, 2024 Xenforo RSS Feed
X	Is it possible to test migration and new feel with the old forum content? xsouku04 Jul 12, 2025 Xenforo RSS Feed
C	XenForo 2.4 status and what's new under the hood? Chris D Jun 13, 2025 Xenforo RSS Feed
D	Is it possible for New Resources to be NEW resources, not updated resources ? Digital Doctor May 10, 2025 Xenforo RSS Feed

Compatibility for CSRF protection & Cloudflare full HTML page caching

Visitor Greeting

We value your privacy