SvelteKit offsers built-in CSRF protection, however for it to work properly on servers deployed on node, the app must know the URL it is being served from (e.g. ORIGIN=https://vinumdoc.com/ node build ).
Without this, the website will reject PUT, POST and DELETE requests from any domain, even the official one.
SvelteKit offsers built-in CSRF protection, however for it to work properly on servers deployed on node, the app must know the URL it is being served from (e.g.
ORIGIN=https://vinumdoc.com/ node build).Without this, the website will reject
PUT,POSTandDELETErequests from any domain, even the official one.