I believe I've reached a wall in my current project.
It seems the amber framework relies on webpack and subsequently jquery to handle csrf tokens.

I've since removed all JS/Webpack from the project and have got everything except delete requests working, not sure why.

I'm having now to figure out how to solve this with minimal or no JS and it's proving difficult.

Tomorrow I hope to figure this out and work on the last bit before launching v1

· · Web · 1 · 0 · 0


It's also worth mentioning that I had thought about removing CSRF but reluctant due to XSS attacks and having to write some other way deletion is handled.

I may end up using JavaScript to solve this, so this will require some reading tomorrow on best practices and perhaps look into Rails and see if anyone has solved it there.

Show thread
Sign in to participate in the conversation

Merveilles is a community project aimed at the establishment of new ways of speaking, seeing and organizing information — A culture that seeks augmentation through the arts of engineering and design. A warm welcome to any like-minded people who feel these ideals resonate with them.