
I am getting an error something like this:

{
  "timestamp": 1536511109166,
  "status": 403,
  "error": "Forbidden",
  "message": "Invalid CSRF Token 'null' was found on the request parameter '_csrf' or header 'X-CSRF-TOKEN'.",
  "path": "/vendors/1"
}

The Spring Security project uses a Zuul proxy.

zuul:
  routes:
    resource:
      path: /resource/**
      url: http://localhost:9000
      sensitive-headers:   # empty list: Cookie, Set-Cookie and Authorization (Zuul's defaults) are forwarded to the route

Spring Security has the following configuration set so that the CSRF token repository can be used.

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.csrf.CookieCsrfTokenRepository;

// Class name is assumed; the question shows only the configure() method.
@Configuration
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // @formatter:off
        http
            .httpBasic().and()
            .logout().and()
            .authorizeRequests()
                .antMatchers("/index.html", "/", "/home", "/login", "/vendors", "/table").permitAll()
                .anyRequest().authenticated()
                .and()
            // Double-submit cookie: the token is issued as a readable XSRF-TOKEN cookie
            // (withHttpOnlyFalse lets JavaScript read it) and expected back in the
            // X-XSRF-TOKEN header or the _csrf parameter on non-safe requests.
            .csrf()
                .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse());
        // @formatter:on
    }
}

I am not getting any error on GET requests; only POST and DELETE requests are failing with this error. Also, I am using Spring Session backed by Redis on both the proxy and the resource server.

Sample project location :

https://github.com/nishantlakhara/proxy
Nishant Lakhara
    After trying various methods, it worked when I added http.csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()); to the resource server as well. – Nishant Lakhara Sep 09 '18 at 17:46

0 Answers