Solved: How do I disable CSRF token for my service ?

Former Member · ‎02-25-2016

Hi Gurus,

I wanted to disable CSRF token for my service ...

I have gone through the forum and noted that disable CSRF token at ICF by putting the CSRF parameter as 0.

I did the same , but when I test at REST Client during GET ...its NOT responding with CSRF token ... but when I do POST it says that CSRF token inavlid..

Looks like disbaling CSRF token works at GET but not at POST I guess..

How do I disble CSRF token for my entire service ...?? this service is being called from our web ...

Appreciate your help and advise..

Kind Regards

Shiv

former_member184867 · ‎02-25-2016

You need two things. First is disabling it at the server which you have already done. second the client also need to Pass http header 'X-Requested-With' with a value of 'X' during the http call

AshwinDutt · ‎02-25-2016

Hello Shiva,

There is a reason behind why issuing a CSRF token is required while performing your any Modifying requests.

Please note its not recommend to disable it.

However please check the below and would like to mention again its not good to disable it->

Regards,

Ashwin

How do I disable CSRF token for my service ?

Accepted Solutions (1)

Accepted Solutions (1)

Answers (1)

Answers (1)

Re: applying conditional formatting to the hierarc...

Re: How to quantify memory usage of an ABAP instan...

Re: How to quantify memory usage of an ABAP instan...

Re: Blending Tables (Import Models)

Re: Feature Request: Allow Process Intelligence Co...