From 628f346e800c23f294deb0d7087ea0cb7d2491bb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=93scar=20de=20Arriba?= <oscar@dearriba.es>
Date: Mon, 2 Dec 2024 21:49:35 +0100
Subject: [PATCH] Improve docs regarding LiveView scope.

---
 lib/error_tracker/web.ex        | 10 +++++++++-
 lib/error_tracker/web/router.ex |  3 +++
 2 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/lib/error_tracker/web.ex b/lib/error_tracker/web.ex
index bcf95bd..448909d 100644
--- a/lib/error_tracker/web.ex
+++ b/lib/error_tracker/web.ex
@@ -13,12 +13,20 @@ defmodule ErrorTracker.Web do
 
     ...
 
-    error_tracker_dashboard "/errors"
+    scope "/" do
+      ...
+
+      error_tracker_dashboard "/errors"
+    end
   end
   ```
 
   This will add the routes needed for ErrorTracker's dashboard to work.
 
+  **Note:** when adding the dashboard routes, make sure you do it in an scope that
+  has CSRF protection (usually the `:browser` pipeline in most projects), as
+  otherwise you may experience LiveView issues like crashes and redirections.
+
   ## Security considerations
 
   Errors may contain sensitive information, like IP addresses, users information
diff --git a/lib/error_tracker/web/router.ex b/lib/error_tracker/web/router.ex
index 58a2b44..294342f 100644
--- a/lib/error_tracker/web/router.ex
+++ b/lib/error_tracker/web/router.ex
@@ -10,6 +10,9 @@ defmodule ErrorTracker.Web.Router do
 
   It requires a path in which you are going to serve the web interface.
 
+  In order to work properly, the route should be in a scope with CSRF protection
+  (usually the `:browser` pipeline).
+
   ## Security considerations
 
   The dashboard inlines both the JS and CSS assets. This means that, if your