cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

csrf token validation failed when i try to add X-CSRF-Token to Request Header in OData

Go to solution
Former Member

on ‎03-22-2014 12:53 PM

0 Kudos

Hi,

I am creating a WCF rest service to consume SAP OData service in my application i am able to read data but not able to insert entity.

I am getting an issue while add X-CSRF-Token to Entity Request Header. Please help me on this.

                    var cookieContainer = new CookieContainer();
                    cookieContainer.Add(new Cookie("SAP_SESSIONID", "value"){Domain= Uri.Host});

                var entities = new ServiceReference1.leaverequest_Entities(sapUri);

                entities.Credentials = new NetworkCredential("username", "password");

                entities.SendingRequest += (s, e) =>

                {

                    ((HttpWebRequest)e.Request).CookieContainer = cookieContainer;

                    ((HttpWebRequest)e.Request).Headers.Add("X-CSRF-Token", csrfToken);

                };

                entities.AddToLeaveRequestCollection(leaveRequest);               

                entities.SaveChanges();

I wrote unit test for debug my POST implementation. When i am debugging the code , when ever "((HttpWebRequest)e.Request).Headers.Add("X-CSRF-Token", csrfToken)" code executing , i am getting exception that "csrf token validation failed".


Need a help on this Urgent?


Thanks,

Siva

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

former_member184867
Active Contributor
‎03-23-2014 4:36 AM
0 Kudos

You need to fetch the CSRF token and pass it with every Insert/Update/Delete call.  To get the CSRF token , you need to pass header 'X-CSRF-Token' with value 'Fetch'. You will get the CSRF token in response . For CUD calls you need to pass this with 'X-CSRF-Token'.

Show replies
Show replies
Former Member
‎03-23-2014 4:43 AM
0 Kudos

Hi Mallik,

I am fetching the X-CSRF-Token and as well passing to POST implementation.

Answers (0)

Ask a Question