Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision | Last revision Both sides next revision | ||
litespeed_wiki:cache:laravel_esi [2019/04/22 16:40] Lucas Rolff Change wiki to use laravel-lscache package. |
litespeed_wiki:cache:laravel_esi [2019/05/02 08:45] Lucas Rolff Add CSRF info for OLS |
||
---|---|---|---|
Line 90: | Line 90: | ||
For performance reasons, please do not enable ESI globally. | For performance reasons, please do not enable ESI globally. | ||
+ | |||
+ | =====How to handle CSRF if you're using OpenLiteSpeed===== | ||
+ | |||
+ | OpenLiteSpeed doesn't have ESI available, so you can't use the above ESI implementation with OpenLiteSpeed, however, we can still do something similar using javascript: | ||
+ | |||
+ | <script type="text/javascript"> | ||
+ | $(document).ready(function () { | ||
+ | $.ajax({ | ||
+ | url: '/csrf', | ||
+ | success: function(csrf_token) { | ||
+ | $('meta[name=csrf-token]').attr('content', csrf_token); | ||
+ | $('input[name=_token]').attr('value', csrf_token); | ||
+ | } | ||
+ | }); | ||
+ | }); | ||
+ | </script> | ||
+ | |||
+ | You'll still use the ''/csrf'' endpoint mentioned earlier: | ||
+ | |||
+ | Route::get('/csrf', function() { | ||
+ | $response = csrf_token(); | ||
+ | return response($response, 200); | ||
+ | })->middleware('lscache:private;max-age=900'); |