Skip to Content
author's profile photo Former Member
Former Member

Can someone provide regex for csrf.allowed.url.patterns

We configured csrf but csrf.allowed.url.patterns setting is not working.

We have requirement that page other that my-account all other page should be excluded from DSRF.

Can someone help here

Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

2 Answers

  • Posted on Apr 08, 2016 at 05:26 AM

    Do you have any hints for this issue cus we are facing with the same problem in combination with the eventtracking and hybrisAnalyticsAddon in the b2btelco accelerator.

    Thanks for your answer.

    Best Regards Chris

    Add a comment
    10|10000 characters needed characters exceeded

  • author's profile photo Former Member
    Former Member
    Posted on Apr 08, 2016 at 08:11 PM
     csrf.allowed.url.patterns=^/?(/uri1)/?$,(/uri2)(.*)$
    

    did you try this way?

    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.