Vulnerability in EPiServer.Forms
I got a problem when fetching a form block from the Content Delivery API. For example, when I call the API like this: https://localhost:5000/api/episerver/v3.0/content/2542?currentPageUrl=/page&expand=*
The response contains the formModel with template and assets, but the problem is that in the template the "Form__MainBody"-div is empty. I have checked in FormContainerBlock.cshtml and it seems like the Model.Form.Steps there is empty so no input fields are showing.
I have read on this page: https://docs.developers.optimizely.com/content-management-system/v1.5.0-content-delivery-api/docs/content-delivery-api-and-optimizely-forms , that you need to send a parameter named currentPageUrl equal to window.location.pathname or or it could lead to errors like the form steps not showing, similiar to my problem.
For the form it self I have tried with both adding steps elements and without them.
I'm grateful for any response!