I’m trying to get my app to submit something with XHR to an API my app exposes through a plugin.
Everything shows up fine in my request but I still get a token mismatch.
I’ve looked at a form on my website as well to make sure the token lines up with what said form would send and it does.
However, somehow, the form itself can send it just fine but my XHR gets a CsrfToken mismatch…
I can’t tell it to “not use csrf” here either because it just ignores that (and I don’t want to bother the user of this plugin with manually adding it to the whitelist in his/her project).