fix(api): remove noisy CSRF guard debug log #631

Merged

jason.woltje merged 1 commits from fix/csrf-debug-log into main 2026-03-01 21:13:00 +00:00

Conversation 0 Commits 1 Files Changed 1 +2 -7

jason.woltje commented 2026-03-01 21:12:55 +00:00

Owner

Copy Link

The CSRF_SKIP_SESSION_BINDING debug log fired on every POST because CsrfGuard (APP_GUARD) always runs before the per-controller AuthGuard. This is expected behavior already documented in the code comment — the debug log just creates noise.

The CSRF_SKIP_SESSION_BINDING debug log fired on every POST because CsrfGuard (APP_GUARD) always runs before the per-controller AuthGuard. This is expected behavior already documented in the code comment — the debug log just creates noise.

jason.woltje added 1 commit 2026-03-01 21:12:56 +00:00

fix(api): remove noisy CSRF debug log for expected guard ordering fa567114d6

jason.woltje merged commit b4f4de6f7a into main 2026-03-01 21:13:00 +00:00

jason.woltje referenced this issue from a commit 2026-03-01 21:13:02 +00:00

fix(api): remove noisy CSRF guard debug log (#631)

Sign in to join this conversation.

Reviewers

No Reviewers

Labels

Clear labels

ai

AI/LLM integration

api

Backend/API work

api

auth

Authentication

database

database

Database/schema work

devops

Docker/deployment

docs

Documentation

frontend

graph

knowledge-module

migration

Data migration

orchestrator

Orchestrator service (apps/orchestrator/)

p0

Critical priority

p1

High priority

p2

Medium priority

p3

Low priority

performance

Performance work

phase-1

phase-2

phase-3

phase-4

phase-5

plugin

MoltBot plugin work

search

security

Security-related

setup

Initial setup

testing

Testing/QA

web

Frontend work

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

jason.woltje

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: mosaic/stack#631