Intended use case for granite.jquery's csrf.js | Community
Skip to main content
J
Joel_Triemstra1
Level 3
October 27, 2015
Solved

Intended use case for granite.jquery's csrf.js

  • October 27, 2015
  • 3 replies
  • 1422 views

We’re running into some Javascript errors in Internet Explorer that we’ve tracked down to /etc/clientlibs/granite/jquery/granite/csrf/source/csrf.js

Specifically, the line handleForm(result.contentWindow.document)is a problem when an iframe contains content from a different domain.

I suspect I can set up an overlay to work around this, but wanted to get some input as far as what the intended use case for this behavior is, or if there are specific components in AEM that are relying on it, so we can be prepared for any future problems that may arise.

Thanks

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
Best answer by ogill

Hi,

some details here [1][2], as Scott mentioned it is part of the security framework in AEM and as such should not be modified. If you have specific issues, I'd suggest raising a support ticket.

Regards,

Opkar

[1] https://docs.adobe.com/docs/en/aem/6-1/develop/security.html

[2] https://docs.adobe.com/docs/en/aem/6-1/develop/security/csrf-protection.html

3 replies

smacdonald2008
smacdonald2008
Level 10
October 27, 2015

FRom reading the code - looks like this is helping against:

https://en.wikipedia.org/wiki/Cross-site_request_forgery

Also- i sent this question other Adobe ppl so they can help with this question. 

O
Adobe Employee
ogillAdobe EmployeeAccepted solution
Adobe Employee
October 27, 2015

Hi,

some details here [1][2], as Scott mentioned it is part of the security framework in AEM and as such should not be modified. If you have specific issues, I'd suggest raising a support ticket.

Regards,

Opkar

[1] https://docs.adobe.com/docs/en/aem/6-1/develop/security.html

[2] https://docs.adobe.com/docs/en/aem/6-1/develop/security/csrf-protection.html

akkul_reddy
akkul_reddy
December 7, 2015

Hi,

We are using google Recaptcha  as a component on our forms.It is not able to get the options which we have to select to solve the recaptcha, it is continuously loading. We are facing this problem in IE11,after debugging came to know that it is failing handleForm(result.contentWindow.document);(/etc/clientlibs/granite/jquery/granite/csrf/source/csrf.js)  in this location.Please suggest me how we can resolve this issue.

Thanking you.

    Terms & ConditionsAccessibility statement

    Loading footer...