Customize CSRF token error message

2025-02-18 21:20:39 +01:00 · 2025-01-25 23:20:26 +02:00 · 2025-01-25 23:20:26 +02:00 · 44ade6ad64
commit 44ade6ad64
parent 2d8da60ffc
1 changed files with 4 additions and 0 deletions
--- a/server.js
+++ b/server.js
@ -402,6 +402,10 @@ if (!disableCsrf) {
        });
    });

+    // Customize the error message
+    csrfSyncProtection.invalidCsrfTokenError.message = color.red('Invalid CSRF token. Please refresh the page and try again.');
+    csrfSyncProtection.invalidCsrfTokenError.stack = undefined;
+
    app.use(csrfSyncProtection.csrfSynchronisedProtection);
 } else {
    console.warn('\nCSRF protection is disabled. This will make your server vulnerable to CSRF attacks.\n');