Fixes #4827: default config for functional tests of both basic and advanced app now turns off CSRF validation while providing commented out alternative setting cookie domain to localhost

apps/advanced/tests/codeception/config/functional.php

@@ -3,5 +3,16 @@
  * Application configuration shared by all applications functional tests
  */
 return [
-
+    'components' => [
+        'request' => [
+            // it's not recommended to run functional tests with CSRF validation enabled
+            'enableCsrfValidation' => false,
+            // but if you absolutely need it set cookie domain to localhost
+            /*
+            'csrfCookie' => [
+                'domain' => 'localhost',
+            ],
+            */
+        ],
+    ],
 ];

apps/basic/tests/codeception/config/functional.php

@@ -9,6 +9,17 @@ return yii\helpers\ArrayHelper::merge(
     require(__DIR__ . '/../../../config/web.php'),
     require(__DIR__ . '/config.php'),
     [
-
+        'components' => [
+            'request' => [
+                // it's not recommended to run functional tests with CSRF validation enabled
+                'enableCsrfValidation' => false,
+                // but if you absolutely need it set cookie domain to localhost
+                /*
+                'csrfCookie' => [
+                    'domain' => 'localhost',
+                ],
+                */
+            ],
+        ],
     ]
 );