csrfguard.js correct way to config

[Sabrinale]

Hello,
I have set up latest version 4.2. and added csrfGuard.properties in webapp/WEB-INF. However, the app work without out csrfguard.js and in the of every page does not seem to have the csrfGuard.js file (when i inspect element). When this js file needed. I currently need to inject token name and token value every single form

( ex

it works and token showed in views I added . in web.xml has sth like "inject in attribute, inject-into-forms"

inject-into-forms
true


inject-into-attributes
true
So i wonder if i installed correctly. Do I need to add token name and token value manually to form. Thank you for helping. in the csrfguard,js mention " Code to ensure our event always gets triggered when the DOM is updated or ie does not properly support prototype - wrap completely" . how can i test the application so the break point would go to this csrfguards.js file?

[forgedhallpass]

The JavaScript is needed in every case, except when you have a JSP application, because in that case the tokens are injected directly on the server-side.

Duplicate of #193