Hi,
My context is HANA Cloud Platform.
So i installed Hana test tool to used xsunit, i changed the localhost.xshttpdest to use the correct host. In this file i'm using basic authorization with my HANA user and password.
Then i coded the test as follow:
describe("Testing Suite", function() { it("receive message", function() { var requestBody = '{}'; var headers = { "Content-Type": "application/json", "x-csrf-token": "fetch" }; var response = jasmine.callHTTPService("/messages.xsjs", $.net.http.GET, requestBody, headers); expect(response.status).toBe($.net.http.OK); expect(response.headers.get("x-csrf-token")).toBeDefined(); headers["x-csrf-token"] = response.headers.get("x-csrf-token"); requestBody = JSON.stringify({ "data": "data" }); response = jasmine.callHTTPService("/messages.xsjs", $.net.http.POST, requestBody, headers); expect(response.status).toBe($.net.http.OK); }); });
The token fetch works, but i get a 403 for the second resquest.
With postman i have no issue.
If i deactivate prevent_xsrf in my .xsaccess file i have no issue with the post but it is not something i want to do.
What am i missing ?
Thanks for your help.