CSRF Rejected in Production
Closed this issue · 0 comments
gmmcal commented
Describe the bug
In production environment, all requests are being rejected due to CSRF token being rejected by Heroku. This is due to current setup.
Additional context
This is a possible solution for the problem, but comes with extra cost http://til.obiefernandez.com/posts/875a2a69af-cloudflare-flexible-ssl-mode-breaks-rails-5-csrf