CSRF Token mismatch #7

Open
Linkto91 opened this issue Jul 21, 2020 · 1 comment

@Linkto91

Hi,

Firstly, thanks for your work!

I installed your plugin; I am working with CakePHP 3.7.

The problem is that I can't access my page to add a user, for example.
The error message is:

CSRF token mismatch. Cake\Http\Exception\InvalidCsrfTokenException
Documentation API

If you want to customize this error message, create src/Template/Error/error400.ctp
toggle vendor stack frames

    ⟩ Cake\Http\Middleware\CsrfProtectionMiddleware->_validateToken CORE/src/Http/Middleware/CsrfProtectionMiddleware.php, line 120

I understand that the problem is about CSRF. I tried to resolve it with a lot of solutions, but nothing worked, and I don't understand why.

I tried to change the route, to remove:
// $routes->applyMiddleware('csrf');

None of the solutions for disabling CSRF on this page that I found on the internet (Google) work.

When I access the page for the view without sending a POST, the page works.

Thank you in advance.

@Linkto91
Author

I found the problem: the routes page was in the cache and was not being refreshed.

I removed it from the cache and modified it like this:

    if (substr($_SERVER['REQUEST_URI'], 0, 5) != '/api/') {
        $routes->applyMiddleware('csrf');
    }

Without this line:
// $routes->connect('/api/add', ['controller' => 'Api', 'action' => 'add', 'isRest' => true]);

The API is already working; is it not mandatory to have it?

Thanks
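
An added example, not from the plugin or from the issue author: the same `/api/` exemption done in `src/Application.php` on CakePHP 3.x, wrapping `CsrfProtectionMiddleware` so the decision is made from the PSR-7 request path for each request instead of from `$_SERVER` inside the routes file. It assumes `csrf` is no longer applied in `config/routes.php`, that the API lives under `/api`, and that those endpoints authenticate with a header token rather than the session cookie; `isApiPath()` is a hypothetical helper.

```php
<?php
// src/Application.php (added example, not the plugin's code)
namespace App;

use Cake\Core\Configure;
use Cake\Error\Middleware\ErrorHandlerMiddleware;
use Cake\Http\BaseApplication;
use Cake\Http\Middleware\CsrfProtectionMiddleware;
use Cake\Routing\Middleware\AssetMiddleware;
use Cake\Routing\Middleware\RoutingMiddleware;

class Application extends BaseApplication
{
    // Hypothetical helper: true for "/api" itself or anything below "/api/".
    // A bare prefix test on "/api" would also exempt paths such as "/apikeys".
    public static function isApiPath($path)
    {
        return $path === '/api' || strpos($path, '/api/') === 0;
    }

    public function middleware($middlewareQueue)
    {
        $csrf = new CsrfProtectionMiddleware(['httpOnly' => true]);

        $middlewareQueue
            ->add(ErrorHandlerMiddleware::class)
            ->add(new AssetMiddleware([
                'cacheTime' => Configure::read('Asset.cacheTime'),
            ]))
            ->add(new RoutingMiddleware($this))
            // CakePHP 3.x middleware are callables taking ($request, $response, $next).
            ->add(function ($request, $response, $next) use ($csrf) {
                // Assumption: /api endpoints use header-token auth, so a browser
                // does not attach credentials to them automatically.
                if (self::isApiPath($request->getUri()->getPath())) {
                    return $next($request, $response);
                }

                // Every other request still goes through the CSRF token check.
                return $csrf($request, $response, $next);
            });

        return $middlewareQueue;
    }
}
```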
