Skip to Content
Mar 22 at 12:27 PM

CAP Node JS - cds.env.features.fetch_csrf per service



We have a CAP project with a mix of external services. Some require CSRF tokens (SAP backends), some do not require it (non-SAP backends) and some of the latter are not responding well to the "HEAD" requests which are emitted by the SDK to fetch CSRF tokens (fail or cause long delays).

So I need to control this on a per-service level. There is the "cds.env.features.fetch_csrf" flag but it applies across all the services. How can I make it active for a subset of the services? Looking at the sources it seems I might be out of luck here, am I missing something or do I need to patch it and can it be considered for implementation in CAP?


Thanks in advance!



image.png (73.0 kB)