Fixes #4827: default config for functional tests of both basic and advanced app now turns off CSRF validation while providing commented out alternative setting cookie domain to localhost

tests/codeception/config/functional.php

@@ -9,6 +9,17 @@ return yii\helpers\ArrayHelper::merge(
     require(__DIR__ . '/../../../config/web.php'),
     require(__DIR__ . '/config.php'),
     [
-
+        'components' => [
+            'request' => [
+                // it's not recommended to run functional tests with CSRF validation enabled
+                'enableCsrfValidation' => false,
+                // but if you absolutely need it set cookie domain to localhost
+                /*
+                'csrfCookie' => [
+                    'domain' => 'localhost',
+                ],
+                */
+            ],
+        ],
     ]
 );