During some basic security test. When the apache request sent with same custom header-CSRF-cookie and POST-CSRF-Cookie.
header-CSRF-cookie
POST-CSRF-Cookie
CSRF to
