Empty CSRF token in Publish

Forum|Forum|8 years ago
May 10, 2017
3 replies
2013 views

I read in some post. if you are accessing the web pages as anonymous user, CSRF token will be empty string. Is this means in publish environment CSRF token will be empty?

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.

Best answer by MC_Stuff

Hi Chandran,

CSRF token filter will trigger only for authenticated requests and for anonymous it will never be called. Hence empty string for anonymous is not a valid case.

Thanks,

MC_StuffAccepted solution

Level 10

Hi Chandran,

CSRF token filter will trigger only for authenticated requests and for anonymous it will never be called. Hence empty string for anonymous is not a valid case.

Thanks,

C

chandran8596539Author

Level 3

MC Stuff wrote...

Hi Chandran,

CSRF token filter will trigger only for authenticated requests and for anonymous it will never be called. Hence empty string for anonymous is not a valid case.

Thanks,

Thanks MC,this means in publish environment if end users accessing the page CSRF token will be empty?

Is there any way can have some authenticated pages in publish environment, it should create some default session but it should be accessed by end user (anonymous user).

MC_Stuff

Level 10

Hi Chandran,

For anonymous csrf will not be called that means does not exist only so no question of empty.

Ofcourse there are some scenarios like mentioned below can cause such issue. If you can investigate har with persistance log enabled can help to find the cause. https://confluence.atlassian.com/kb/generating-har-files-and-analysing-web-requests-720420612.html

mis configration of PSC implementation OR
load balancer truncating headers as empty instead of anonymous OR
usage of non standard browser OR
Traffic is allowed to publisher even before server is complete up etc...

Thanks,

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded