If you open these URLs in your browser, localhost/search in one tab and then localhost/contact in another, only the last, which is the contact page, will pass the CSRF validation. My workaround to this would ...
Essentially, we wanted to avoid the OAuth2 CSRF expiry screen by setting it to 8 hours. If the user stays on the login screen for more than 8 hours, it will show up; otherwise, it will work as it is.