I read in some post. if you are accessing the web pages as anonymous user, CSRF token will be empty string. Is this means in publish environment CSRF token will be empty?
Solved! Go to Solution.
Views
Replies
Total Likes
Hi Chandran,
CSRF token filter will trigger only for authenticated requests and for anonymous it will never be called. Hence empty string for anonymous is not a valid case.
Thanks,
Views
Replies
Total Likes
Hi Chandran,
CSRF token filter will trigger only for authenticated requests and for anonymous it will never be called. Hence empty string for anonymous is not a valid case.
Thanks,
Views
Replies
Total Likes
MC Stuff wrote...
Hi Chandran,
CSRF token filter will trigger only for authenticated requests and for anonymous it will never be called. Hence empty string for anonymous is not a valid case.
Thanks,
Thanks MC,this means in publish environment if end users accessing the page CSRF token will be empty?
Is there any way can have some authenticated pages in publish environment, it should create some default session but it should be accessed by end user (anonymous user).
Views
Replies
Total Likes
Hi Chandran,
For anonymous csrf will not be called that means does not exist only so no question of empty.
Ofcourse there are some scenarios like mentioned below can cause such issue. If you can investigate har with persistance log enabled can help to find the cause. https://confluence.atlassian.com/kb/generating-har-files-and-analysing-web-requests-720420612.html
Thanks,
Views
Replies
Total Likes