
HTTP request failed (403 Forbidden): CSRF token validation failed

prajeshdesai
Contributor
0 Kudos

Hey Gurus,

I'm facing this weird issue in my custom UI5 application,

using OData model,

Request POST:

Payload Error:

Everything is working fine in GW_CLIENT and Postman.

Only facing the issue when calling from the UI5 app in Chrome with disable cross.

Please help me with this, as I have tried almost everything with no luck.

Accepted Solutions (1)


jhodel18
Active Contributor

Hi Prajesh,

I don't see any session cookies from your Request Header so it's highly likely that is the issue.

When testing in Postman, the tool will handle the token for you. To simulate the error in Postman, before sending the POST request, try deleting the cookies and you will also get the 403 error.

jhodel18
Active Contributor
0 Kudos

You're welcome Prajesh!

If my answer helped you find the root cause of your issue, don't forget to mark the answer as accepted. Thanks!

Answers (1)


prajeshdesai
Contributor
0 Kudos

Thanks jhodel18, I'm able to rectify that my cookies are blocked by Chrome due to SameSite=Lax.

For the time being I used a client-side workaround to resolve this:

Step 1: go to chrome://flags

Step 2: Disable SameSite by default cookies.

Again thanks for your great help.
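
The failure discussed in this thread, as an added example that is not part of the original posts and is not SAP Gateway's code: a simplified model of a CSRF token bound to the session cookie, plus the browser's SameSite decision for an XHR/fetch call. The function names, the constructed session ids and tokens, and the one-token-per-session store are assumptions made for illustration.

```javascript
// Simplified model of a session-bound CSRF check (assumption: one token per session).
const sessions = new Map();   // session id -> CSRF token issued for that session
let seq = 0;                  // constructed ids; a real server uses a CSPRNG

// Server: `cookie` is the session id the browser attached, or null.
function server(method, headers, cookie) {
  if (method === 'GET' && headers['X-CSRF-Token'] === 'Fetch') {
    const sid = cookie && sessions.has(cookie) ? cookie : `sid-${++seq}`;
    const token = `tok-${++seq}`;
    sessions.set(sid, token);
    return { status: 200, token, setCookie: sid };
  }
  // Modifying request: the token must match the one stored for this session.
  const expected = cookie ? sessions.get(cookie) : undefined;
  if (!expected || headers['X-CSRF-Token'] !== expected) {
    return { status: 403, body: 'CSRF token validation failed' };
  }
  return { status: 201, body: 'Created' };
}

// Browser: is the session cookie usable on an XHR/fetch subrequest?
function cookieUsable(sameSite, secure, crossSite) {
  const effective = sameSite ?? 'Lax';               // Chrome default when unset
  if (effective === 'None' && !secure) return false; // None requires Secure
  if (!crossSite) return true;                       // same-site: always attached
  return effective === 'None';                       // Lax/Strict withheld cross-site
}

// Token fetch followed by POST, as an OData client does.
function fetchThenPost({ sameSite, secure = true, crossSite }) {
  const get = server('GET', { 'X-CSRF-Token': 'Fetch' }, null);
  const usable = cookieUsable(sameSite, secure, crossSite);
  const cookie = usable ? get.setCookie : null; // blocked cookie never reaches the POST
  return server('POST', { 'X-CSRF-Token': get.token }, cookie);
}

console.log(fetchThenPost({ sameSite: 'Lax', crossSite: true }));   // 403
console.log(fetchThenPost({ sameSite: 'Lax', crossSite: false }));  // 201
console.log(fetchThenPost({ sameSite: 'None', crossSite: true }));  // 201
```

In the 403 case the token sent with the POST is the one the server just issued; it is rejected only because no session cookie arrives to look it up against. Serving the app and the service from the same site, or having the server issue the session cookie as `SameSite=None; Secure`, keeps the browser's default protection on for every other site.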