Skip to Content
0
Former Member
Jul 18, 2016 at 09:15 AM

AJAX and CSRF-Tokens

1146 Views


Hi,


I successfully setup several AJAX-calls (GET and PUT) with CSRF tokens:


jQuery.ajax({

url: aUrl,

method: method,

headers: {"X-Csrf-Token": "Fetch"},

dataType: 'json',

contentType: "application/json",

data: data

});


If I now request a call via POST, I get the following Error:


POST https://example.com/api/customer

The request contains an invalid x-csrf-token


Is there an easy way to get a valid token or to just disable csrf (I know the security risks) ?


We use the XSA WebIDE with node.js endpoints as described by Thomas Jung's GitHub-Repository: https://github.com/I809764/DEV602