CSRF_COOKIE header used by .submit() doesn't seem to match cookieJar #75
Description
Hi there,
I'm not sure of this is a bug or I'm missing something. But Tobi (which is otherwise excellent) seems to be sending a CSRF_COOKIE header that doesn't match anything in the cookieJar.
I'm positing a form using Tobi's submit() that fails CSRF verification (a regular desktop browser works fine).
The issue seems to be a difference between the form cookie and the HTTP Header.
console.log(browser.cookieJar.cookies)
Gives:
[ { str: 'csrftoken=8a09c3f0b62939458018f74020c6744e; expires=Thu, 14-Feb-2013 15:26:31 GMT; Max-Age=31449600; Path=/',
name: 'csrftoken',
csrftoken: '8a09c3f0b62939458018f74020c6744e',
expires: Thu, 14 Feb 2013 15:26:31 GMT,
'Max-Age': '31449600',
Path: '/',
value: '8a09c3f0b62939458018f74020c6744e' },
{ str: 'sessionid=d82a0a4a691481df3fb72b8f3b9e4d8a; expires=Thu, 01-Mar-2012 15:26:31 GMT; Max-Age=1209600; Path=/',
name: 'sessionid',
sessionid: 'd82a0a4a691481df3fb72b8f3b9e4d8a',
expires: Thu, 01 Mar 2012 15:26:31 GMT,
'Max-Age': '1209600',
Path: '/',
value: 'd82a0a4a691481df3fb72b8f3b9e4d8a' } ]
However, my server received the following from Tobi's in its HTTP headers:
'CSRF_COOKIE': '347767c1a4baef48ab0272ca6ccfdf5f'
Where did the CSRF_COOKIE value come from (or more to the point, why can't I see it in cookieJar?) Has anyone encountered anything similar in the past?
Thanks,
Mike