Solved: Why the business rules Invoke Rule Service need co...

SamueleBarzaghi · ‎07-06-2018

Hi,

The invoke rule service need the cookies returned by the get token request otherwise we get http response 200 with body:

"Note: Your browser does not support JavaScript or it is turned off. Press the button to proceed"

Why the invoke rule service need the cookies?

Thank you

qmacro · ‎07-07-2018

This is because the CSRF token is only valid in the context of the response in which it was received, which is described by the cookies that were sent in that response. There's a section ("Avoiding the gotcha") in my post on https://blogs.sap.com/2018/01/14/discovering-scp-workflow-instance-initiation/) in my Discovering SCP Workflow series (http://pipetree.com/qmacro/blog/2018/01/16/discovering-scp-workflow/). It is about Workflow rather than Business Rules, but it's the same procedure (use of CSRF tokens) and the same concept applies.

SamueleBarzaghi · ‎07-10-2018

Hi DJ Adams,

Clear, thank you

Why the business rules Invoke Rule Service need cookies?

Accepted Solutions (1)

Accepted Solutions (1)

Answers (1)

Answers (1)

Re: Bind App to hdi-container with specific role o...

Re: Filter on multiple criteria

Re: ODATA V4 RAP - How to retrieve messages in res...

Re: Shared variable doesn't work when exported to ...

Re: Filter on multiple criteria