Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Error: misconfigured csrf - Express JS 4

I am trying to enable the csrf module of Express 4 in an existing application.

I have added the following code:

var csrf = require('csurf')
...

app.use(csrf());

I have started my application and I get:

Error: misconfigured csrf

and a stack trace. Nothing else.

I have checked the documentation, but it is unclear. Can someone help? What is the minimum configuration required to use this module?

like image 684
Jérôme Verstrynge Avatar asked Jun 02 '14 14:06

Jérôme Verstrynge


2 Answers

I have found the solution. The call to app.use(csrf()) must be set after app.use(cookieParser()) AND app.use(session({...}).

like image 150
Jérôme Verstrynge Avatar answered Oct 31 '22 16:10

Jérôme Verstrynge


If you're using Redis as a session store and the server isn't running, you will also get a misconfigured error.

https://github.com/expressjs/csurf/issues/73

like image 15
Mike Avatar answered Oct 31 '22 16:10

Mike