Question

1
Replies
520
Views
Close popover
Joseph D'amore (DAMOREJ1)
Rulesware LLC
LSA
Rulesware LLC
CA
DAMOREJ1 Member since 2007 10 posts
Rulesware LLC
Posted: March 12, 2018
Last activity: March 13, 2018
Closed
Solved

Empty CSRF Token

We are in the process of turning on CSRF mitigation using the following DSS settings: security/csrf/mitigation = true , security/csrf/secureall = true

When reviewing the application html source, it looks like the CSRF token is not being populated. Here is a snippet of html code from the application:

"pega.d" : { "pyUID": "gdamore", "csrfToken": "",

System Administration
Moderation Team has archived post