While caching csrf tokens are cached and breaks the validation of all forms on the page. Maybe someone will tell me how i can use caching and in same time to avoid caching of csrf tokens.?
Caching forms with csrf tokens is problematic, this problem exists in all frameworks, you can inspire in Symfony cook book
https://symfony.com/doc/current/cookbook/cache/form_csrf_caching.html
Solutions is:
- Use block caching and dont cache forms with CSRF tokens.
- Use AJAX to replace cached tokens with fresh ones.
3) Use JWT :D