3👍
✅
Depending on how your Vue app is structured you could either add the CSRF-token to the cookies, or to your store after authentication is successful. To achive CSRF protection, set it in the request headers for all state changing requests methods made by your frontend application.
fetch("/someurl", {
method: "POST",
headers: {
"Content-Type": "application/json",
"X-CSRF-TOKEN": getCookie("csrf_access_token"),
},
credentials: "same-origin",
body: JSON.stringify(data),
})
It needs to be validated by the backend before whatever function is executed.
Source:stackexchange.com