CSRF token doesn't work with multipart/form-data #116

@sarna


Submitting a form with enctype="multipart/form-data" always results in an "Invalid CSRF Token" response. Not sure how, but it seems that form-token in the with-csrf-token function ends up being nil.

To reproduce, you can create a new project and replace the # Routes section with:

(route :get "/" :home)
(defn home [request]
  (form-with request {:method "post" :action "/" :enctype "multipart/form-data"}
    (file-field {} :attachment)
    (submit "submit")))

(route :post "/" :create)
(defn create [{:body body}]
  [:p (string "body has " (length body) " elements")])

Disabling the CSRF middleware gets rid of the error (but then we're vulnerable to CSRF). Using application/x-www-form-urlencoded works fine (but then we can't use <input type="file"> elements).
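
An added illustration, not part of the issue and not Joy's code: a CSRF check that reads the hidden token field from both urlencoded and multipart/form-data bodies and fails closed when the field is missing. A parser that only understands urlencoded bodies finds no token in a multipart body, which gives the same symptom as the report; whether that is the cause in Joy is not established here. The field name `csrf-token`, the function names and the sample request are assumptions constructed for the example.

```python
import hmac
from email import message_from_bytes
from typing import Optional
from urllib.parse import parse_qs

FIELD = "csrf-token"  # assumed hidden-field name, not taken from Joy


def form_token(content_type: str, body: bytes) -> Optional[str]:
    """Return the CSRF field from a urlencoded or multipart body, else None."""
    media_type = content_type.split(";", 1)[0].strip().lower()
    if media_type == "application/x-www-form-urlencoded":
        values = parse_qs(body.decode("utf-8", "replace")).get(FIELD)
        return values[0] if values else None
    if media_type == "multipart/form-data":
        # Prepend the request's Content-Type so the MIME parser learns the
        # boundary, then look for the non-file part named FIELD.
        header = b"Content-Type: " + content_type.encode("ascii") + b"\r\n\r\n"
        msg = message_from_bytes(header + body)
        for part in (msg.get_payload() if msg.is_multipart() else []):
            name = part.get_param("name", header="content-disposition")
            if name == FIELD and part.get_filename() is None:
                return part.get_payload()
    return None


def token_is_valid(session_token: str, content_type: str, body: bytes) -> bool:
    """Fail closed on a missing token; otherwise compare in constant time."""
    submitted = form_token(content_type, body)
    if submitted is None:
        return False
    return hmac.compare_digest(submitted.encode("utf-8", "replace"),
                               session_token.encode("utf-8"))


# Constructed sample request (not from the issue): token field plus a file.
BOUNDARY = "example-boundary"
MULTIPART_TYPE = f"multipart/form-data; boundary={BOUNDARY}"
MULTIPART_BODY = (
    f"--{BOUNDARY}\r\n"
    f'Content-Disposition: form-data; name="{FIELD}"\r\n\r\n'
    "tok123\r\n"
    f"--{BOUNDARY}\r\n"
    'Content-Disposition: form-data; name="attachment"; filename="a.txt"\r\n'
    "Content-Type: text/plain\r\n\r\nhello\r\n"
    f"--{BOUNDARY}--\r\n"
).encode("ascii")
```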
