Wappler Version: 6.7 Operating System: Windows 11 Server Model: NodeJS 20 Database Type: Postgres Hosting Type: Docker
Expected behavior
API calls with CSRF enabled should be processed correctly without getting stuck in the pending state.
Actual behavior
API calls with CSRF enabled are stuck in the pending state as observed in the network tab.
How to reproduce
Follow the global setup for CSRF and meta tags for CSRF as mentioned in this article (Using CSRF Tokens).
Make API calls that utilize CSRF, ex: POST
Observe that all API calls with CSRF are stuck in the pending state in the network tab.
Additional Information
This issue was identified after the update to version 6.7 and applying the latest changes.
The problem seems to be caused by changes in the lib/setup/routes.js file.
Looks like the changes made to the lib/setup/routes.js file in the latest updates are causing the API calls to fail.
I had already checked that; it was my first guess. However, after reverting the latest changes made to /lib/setup/routes.js, CSRF seems to work fine, i.e., 403 on CSRF failure and correct responses on valid CSRF.
I'm having the same issue on multiple domains, any form related activity is timing out with no console errors. I've disabled CSRF (which solves the issue) until we have a remedy.