expressjs / csurf

CSRF token middleware

Invalid Token when using 'Ignoring Routes' example

annon12 opened this issue · comments

When using the first example in the Readme (using Ejs template language), the token validation works fine. When I try using the 'Ignoring Routes' example, on the 'GET /form' to 'POST /process' execution (just as I did in the first example), I get 'invalid token' on the 'POST'. The token is being passed to the form on the GET. Any ideas?

Hi! I'm not sure, can you provide some more information? I don't seem to be able to reproduce the issue. Perhaps share a repo or a gist of the example code you are using along with the templates so we can take a look?

Hello, I have just posted to stackoverflow with example code. http://stackoverflow.com/questions/35326761/invalid-token-using-expressjs-csurf-middleware-example

I just installed the latest version of Nodejs and I just used the cmd 'npm install XXX' for each required module. Maybe I need specific versions?

Ah, I see what you are saying. The reason it's not working is because the https://github.com/expressjs/csurf#ignoring-routes example only accepts the CSRF token being in the query string or HTTP header, not in the POST body. This is because the form is not actually getting parsed until after the csrf token validation occurs. I'll move up the parseForm in the example.
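
The ordering problem described in the last comment, as an added example that is not part of the thread and is not csurf's or Express's code. It is a dependency-free model: `run`, `makePost`, the stand-in `parseForm` and `csrfProtection`, and the token value are constructed for illustration, and the check is simplified to string equality (csurf verifies the token against a per-user secret). The lookup locations follow csurf's documented default.

```javascript
// Where a submitted token is looked for: form body, query string, then headers.
function defaultValue(req) {
  return (req.body && req.body._csrf) ||
    (req.query && req.query._csrf) ||
    req.headers['csrf-token'] ||
    req.headers['xsrf-token'] ||
    req.headers['x-csrf-token'] ||
    req.headers['x-xsrf-token'];
}

// Stand-in for a urlencoded body parser: req.body does not exist until this runs.
function parseForm(req, next) {
  req.body = Object.fromEntries(new URLSearchParams(req.rawBody));
  return next();
}

// Stand-in for the CSRF check (simplified to equality with the expected token).
function csrfProtection(expected) {
  return (req, next) => (defaultValue(req) === expected ? next() : 403);
}

// Run middleware in order; 200 if every layer calls next(), else the rejecting status.
function run(stack, req) {
  const step = (i) => (i === stack.length ? 200 : stack[i](req, () => step(i + 1)));
  return step(0);
}

// Constructed POST /process request carrying the token as a hidden form field.
function makePost(token, headers = {}) {
  return { method: 'POST', headers, query: {},
           rawBody: `_csrf=${encodeURIComponent(token)}&favoriteColor=blue` };
}

const TOKEN = 'constructed-token-123';                // constructed sample value
const checkFirst = [csrfProtection(TOKEN), parseForm]; // order that produced the report
const parseFirst = [parseForm, csrfProtection(TOKEN)]; // order after moving parseForm up

function demo() {
  return {
    checkFirstBody: run(checkFirst, makePost(TOKEN)),   // body not parsed yet
    checkFirstHeader: run(checkFirst, makePost(TOKEN, { 'csrf-token': TOKEN })),
    parseFirstBody: run(parseFirst, makePost(TOKEN)),   // body token now visible
    parseFirstWrong: run(parseFirst, makePost('wrong')) // bad token still rejected
  };
}

console.log(demo());
```

With the check ahead of the parser, a valid token in the form body is rejected while the same token in a header is accepted, which matches the behaviour reported in this issue.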