First guess: your form's relative URL is the problem. Change your form
's action
attribute to /service/add
and see if that helps. The 403 forbidden error you are getting probably means the POST request is going to a different URL path that you expect. For example, if your form is at /pages/service
, the form will submit to /pages/service/service/add
due to the relative url.
2nd guess: Ah. got it.
at Object.module.exports [as handle] (/var/www/html/melissa/manage/development/yoshiaki-tanaka/node_modules/tower/node_modules/express/node_modules/connect/lib/middleware/csrf.js:54:41)
That crsf
module is probably checking for a cross site request forgery token in your form, which would take the form of a <input type="hidden" name="crsf_token" value="YOUR_CRSF_TOKEN">
tag (or something like that). Read the docs on the CRSF middleware you are using about how to create the proper <form>
tag HTML including the CRSF token.