AEM CSRF Issue / Forbidden POST Call in AEM

AEM has provided CSRF protection since version 6.0. If you use the granite.jquery dependency, the CSRF protection framework is included automatically.

If you are not using the CQ-provided jQuery, you must add granite.csrf.standalone as a dependency.


If you don't want to use the above client libraries as dependencies, you can pass 'CSRF-Token' as a header on the async XHR request. A call to '/libs/granite/csrf/token.json' returns the 'CSRF-Token' value.
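
The manual approach described above, as an added example (not Adobe's code and not from the original post). It assumes the token endpoint answers with JSON shaped like `{"token": "..."}`; the function names and the retry-once-on-403 behaviour are this example's own choices.

```javascript
// Endpoint path and header name are taken from the post; everything else is hypothetical.
const TOKEN_ENDPOINT = '/libs/granite/csrf/token.json';
const TOKEN_HEADER = 'CSRF-Token';

let cachedToken = null; // reused across requests until a POST is rejected

// Fetch a token for the current session.
// Assumption: the response body is JSON of the form {"token": "<value>"}.
async function fetchCsrfToken(fetchImpl = globalThis.fetch) {
  const res = await fetchImpl(TOKEN_ENDPOINT, {
    credentials: 'same-origin', // send the session cookie, same origin only
    cache: 'no-store',          // never reuse a token from the HTTP cache
  });
  if (!res.ok) throw new Error(`token request failed: HTTP ${res.status}`);
  const { token } = await res.json();
  if (typeof token !== 'string' || token === '') {
    throw new Error('token missing from response');
  }
  return token;
}

// POST form fields with the CSRF-Token header set.
// If the server answers 403, the cached token is dropped and the request is
// retried once with a fresh token; a second 403 is returned to the caller.
async function postWithCsrf(url, fields, fetchImpl = globalThis.fetch) {
  for (let attempt = 1; ; attempt++) {
    if (cachedToken === null) cachedToken = await fetchCsrfToken(fetchImpl);
    const res = await fetchImpl(url, {
      method: 'POST',
      credentials: 'same-origin',
      headers: {
        [TOKEN_HEADER]: cachedToken,
        'Content-Type': 'application/x-www-form-urlencoded',
      },
      body: new URLSearchParams(fields).toString(),
    });
    if (res.status !== 403 || attempt === 2) return res;
    cachedToken = null; // token may be stale: refresh once, then give up
  }
}
```

Keep the token request same-origin and do not store the token anywhere another origin can read it; its value comes from the page being able to read it while a cross-site attacker cannot.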



Adobe Document 

2 comments:

  1. Hi,
    Could you please kindly elaborate on this? Can you help us with the step-by-step implementation of CSRF in AEM? We have very few documents available on this on the AEM website.
  2. Thank you very much, it helped resolving an impending issue :)