[Owasp-csrfguard] Cant Get Forms Working
pradtke at stanford.edu
Fri Jul 29 11:45:36 EDT 2011
On 7/29/11 7:29 AM, Nirav wrote:
> Hello All !
> I just got the latest version of the CSRFGuard from github and built
> it and deployed it on our application on Glassfish 2.1. We use Stripes
> as our MVC. Most parts of the app seem to be working fine and I see
> the token being injected where it should be. But I cant get any of the
> forms to work. The POST in firebug shows the token being sent. But
> when its intercepted by the CSRFGuardFilter - it does not find it. I
> debugged further and found that there were no request parameters at
> all in my HTTPRequest !
> Any idea what the weirdness is? We have been at it for two days now ! :(
Are you posting with the token as a form parameter, or are you posting
to URL that contains the token?
We post to a url that contains the token and that works fine.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-csrfguard