Sling Referrer and CSRF filter issue | Adobe Higher Education
Skip to main content
mchag
mchag
Level 2
September 29, 2016

Sling Referrer and CSRF filter issue

  • September 29, 2016
  • 1 の返信
  • 3030 ビュー

Hi,

As part of payment process we are integrating with third party payment gateway when user completes the payment process on payment gateway, payment gateway will do POST request to resource in AEM.

The post request from payment gateway is getting blocked by Sling referrer filter and CSRF filter

Can some body suggest what is the best way to implement to pass the post request through sling referrer filter and CSRF filter from external site

I have tried by allowing empty referrer in sling referrer filter  and removing post in CSRF filter which is working, but which is not the ideal way of allowing the external post request to AEM.

    このトピックへの返信は締め切られました。

    1 の返信

    kautuk_sahni
    Community Manager
    kautuk_sahniCommunity Manager
    Community Manager
    September 30, 2016

    Hi 

    Please have a look at this slimier forum post :-

    Link:- http://help-forums.adobe.com/content/adobeforums/en/experience-manager-forum/adobe-experience-manager.topic.html/forum__14yg-a_form_thatpostsda.html

    // 

    With 6.1, AEM added CSRF (Cross-Site Request Forgery) protection and you need to ensure that the CSRF token is included.

    This should be handled automatically if you are using AEM's version of jQuery. This library has the code to get the token and add it to all XHR and forms.

    If you absolutely need to use a different version of jQuery (why?) and/or don't use jQuery at all, then you can include the 'granite.csrf.standalone' client library and it will do the same hooks.

    Link:- http://help-forums.adobe.com/content/adobeforums/en/experience-manager-forum/adobe-experience-manager.topic.html/forum__bqgo-hi_all_can_wege.html

     

    Reference Articles :- 

    Link:- http://help-forums.adobe.com/content/adobeforums/en/experience-manager-forum/adobe-experience-manager.topic.126.html/forum__dknw-i_have_a_sitesetup.html

    Link:- http://suryakand-shinde.blogspot.in/2016/07/aem-form-submission-handling-post.html

    Link:- http://help-forums.adobe.com/content/adobeforums/en/experience-manager-forum/adobe-experience-manager.topic.html/forum__x1kv-we_are_upgradingfro.html

     

    ~kautuk

    Kautuk Sahni
      契約条件Accessibility statement

      Loading footer...