Hey all! I’m trying to send a fetch post request to my backend. The request looks like so:
fetch(url, {
method: 'POST',
cache: 'no-cache',
credentials: 'same-origin',
headers: {
'x-csrf-token' : <%= csrf_token_value() %>
}
});
However, I’m recieving the following error:
[debug] ** (Plug.CSRFProtection.InvalidCSRFTokenError) invalid CSRF (Cross Site Request Forgery) token, please make sure that:
* The session cookie is being sent and session is loaded
* The request include a valid '_csrf_token' param or 'x-csrf-token' header
When I inspect the network activity, this is what I see:
Which looks like the header just isn’t being included in the request at all? What am I doing wrong here and how can I fix it?