Getting 404 for csrf token

Forum|Forum|2 years ago
May 5, 2023
5 replies
2201 views

Hi Team,

In dispatcher we are getting 404 for the csrf token. We are facing this issue only in the dispatcher level.

We have added below dispatcher configurations:

1) In clientheaders - "CSRF-Token" is added

2) In filters we have allowed the csrf token

/044 {
/selectors ''
/extension 'json'
/type "allow"
/method "GET"
/path '/libs/granite/csrf/token'
/suffix ''
}

3) We have added the below clientlib category -

granite.csrf.standalone

Please let me know if you've any possible solutions.

@Vijayalakshmi_S @arunpatidar @Suraj_Kamdi

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.

Best answer by Vanitha_Duraisamy

Thanks for all the responses.

The issue got resolved after removing the below clientlibrary category from our code.

AsifChowdhury

Community Advisor

Hello @vanitha_duraisamy

I have faced a similar type issue with the author

Then I had to fetch the CSRF token first then did the actual Ajax call.

let xhttp = new XMLHttpRequest();
            xhttp.open('GET', "/libs/granite/csrf/token.json", true);

            xhttp.onload = function() {
                if (xhttp.status === 200) {
                    let response = JSON.parse(xhttp.responseText);
                    let csrfToken = response.token;

                    let xhr = new XMLHttpRequest();
                    xhr.open("POST", url, true);
                    xhr.setRequestHeader('CSRF-Token', csrfToken);

                    xhr.onreadystatechange = function() {
                        if (this.readyState === XMLHttpRequest.DONE && this.status === 200) {
                        //     do rest of the things
                        }
                    };
                    xhr.send(JSON.stringify(data));
                }
            };

            xhttp.send();
        });

I am not sure but maybe you will get an idea from it.