Why do we need to attach CSRF token to request hea...

Former Member · ‎01-18-2018

I am using sap.m.UploadCollection to upload file from SAPUI5 toolkit and stored it in binary format in sap hana db (blob) through xsjs. I am curious to know why we normally attach CSRF token in request header of File upload web service.

former_member484715 · ‎01-18-2018

Hi Goutham R,

CSRF stands for Cross-Site Request Forgery. According to wikipedia, it is a type of malicious exploit of a website where unauthorized commands are transmitted from a user that the web application trusts. To prevent CSRF attacks, we need to send an CSRF token, alongwith the user's data, while sending it from the front end. In layman's words, a CSRF token is something, that is used to ensure your backend that the correct user is making the transaction from the front end. View the foll. links for in-depth explanation of the CSRF mechanism.

Link 1 - How the CSRF attack works.
Link 2 - How does an CSRF token help in preventing attacks.

Hope this helps,

Regards,

Arjun Biswas

Why do we need to attach CSRF token to request header of web service?

Accepted Solutions (0)

Answers (1)

Answers (1)

SAP Datasphere test tenant ?

Re: SAC Measure input control doesn't work

Re: print open lines sales order sap b1 using crys...

Re: Hybris 2211v properties line break not working...

Re: RAP : Mass edit functionality using FIORI Elem...