“The CSRF token is invalid. Please try to resubmit the form” in Symfony3

8/4/2019

I have a Symfony 3 application, which is deployed via Kubernetes. There is a page which has 2 forms and 2 DataTables tables with server-side processing. I am using Redis for session storage. I randomly get the error "The CSRF token is invalid. Please try to resubmit the form" when submitting either form. If I have any combination of only 2 (2 forms, 0 tables; 1 form, 1 table; 0 forms, 2 tables), I don't get the error. The token is sent with every form submission.

Could someone please provide some hint as to what could be the reason? I already tried the solutions to similar questions on Stack Overflow, but to no avail.

Edit:

I just noticed that when the CSRF error occurs I don't see sf_redirect in the cookies. All successful calls have this cookie.

Update:

I found a solution. I updated my firewall config.

firewalls:
    main:
        stateless: true

Before, it was stateless: false.

-- norbit
csrf
forms
kubernetes
php
symfony

2 Answers

8/4/2019

Make sure to include a fresh csrf_token in your HTML form:

<input type="hidden" name="token" value="{{ csrf_token('[insert intended action here]') }}"/>
-- Salim Djerbouh
Source: StackOverflow
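
The server-side half of the check in the answer above, as an added example that is not part of the original thread: a Symfony 3 controller action that validates the hidden `token` field and, on failure, logs whether the request carried a session cookie at all. The controller name, action name, the `delete-item` token id and the `item_list` route are assumptions made for illustration; the template would need `csrf_token('delete-item')` to match.

```php
<?php
// Added example, not from the original thread. Hypothetical names:
// ItemController, deleteAction, the 'delete-item' token id, route 'item_list'.
namespace AppBundle\Controller;

use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\HttpFoundation\Request;

class ItemController extends Controller
{
    // Must be the same string that is passed to csrf_token() in the Twig template.
    const CSRF_TOKEN_ID = 'delete-item';

    public function deleteAction(Request $request)
    {
        // 'token' is the name attribute of the hidden input in the form.
        $submitted = $request->request->get('token');

        if (!$this->isCsrfTokenValid(self::CSRF_TOKEN_ID, $submitted)) {
            // With the default session-backed token storage the expected value
            // lives in the session, so record enough to tell "token missing or
            // mismatched" apart from "request arrived without the session".
            $sessionId = $request->getSession()->getId();
            $this->get('logger')->warning('CSRF validation failed', [
                'token_id' => self::CSRF_TOKEN_ID,
                'token_submitted' => null !== $submitted && '' !== $submitted,
                'session_cookie_sent' => $request->hasPreviousSession(),
                // Log a hash prefix only, never the raw session id.
                'session_ref' => substr(hash('sha256', $sessionId), 0, 8),
            ]);

            throw $this->createAccessDeniedException('Invalid CSRF token.');
        }

        // ... perform the state-changing action only after the check passes ...

        return $this->redirectToRoute('item_list');
    }
}
```

Comparing `session_ref` across a failed submission and the page load that preceded it shows whether the two requests were served from the same session.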

8/5/2019

To be sure the CSRF is on your form, you can add it with {{ form_rest(form) }}, but if you are in dev mode, maybe it's because you are not on HTTPS?

-- Hamham
Source: StackOverflow