Dashboard and anti forgery tokens

Tags: #<Tag:0x00007fa53b913128>


I am wondering if anyone has gotten the dashboard to work using anti forgery tokens? We’ve been doing some penetration testing and obviously found some cross site request forgery problems.

I understand the default is to allow local access only but it’s a nice option to have the dashboard in our app.

I see someone asked the same question a couple of years ago but he got no reply.

Any help appreciated