Hi @Julio_Baixauli,I'm coming in very late to this question, but since
this post comes up in searches for ":cq_csrf_token" it may help
someone.It appears that in AEM versions before 6.1 :cq_csrf_token was
used passed in request headers.After that, as @aemmarc says, CSRF-Token
is passed in the request headers.For example I'm working on legacy code
which checks for :cq_csrf_token.String csrf =
request.getParameter(":cq_csrf_token"); if (StringUtils.isBlank(csrf)) {
...Since we're switching to use ...