[Owasp-csrfguard] Cant Get Forms Working

Patrick Radtke pradtke at stanford.edu
Fri Jul 29 11:45:36 EDT 2011


On 7/29/11 7:29 AM, Nirav wrote:
> Hello All !
>
> I just got the latest version of the CSRFGuard from github and built 
> it and deployed it on our application on Glassfish 2.1. We use Stripes 
> as our MVC. Most parts of the app seem to be working fine and I see 
> the token being injected where it should be. But I cant get any of the 
> forms to work. The POST in firebug shows the token being sent. But 
> when its intercepted by the CSRFGuardFilter - it does not find it. I 
> debugged further and found that there were no request parameters at 
> all in my HTTPRequest !
>
> Any idea what the weirdness is? We have been at it for two days now ! :(
>
> Regards!
> Nirav
>
Are you posting with the token as a form parameter, or are you posting 
to URL that contains the token?
We post to a url that contains the token and that works fine.
Are you using the JavaScript library or the JSTL tags?

-Patrick


-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-csrfguard/attachments/20110729/cfb85db4/attachment.html 


More information about the Owasp-csrfguard mailing list