[Owasp-csrfguard] configuration of javascript solution

cecile forella forellacecile at hotmail.fr
Thu Mar 15 11:47:42 UTC 2012



Hello,
 
I've configured Owasp csrfguard javascript's solution :
 
- I've configured my web.xml file
- I've configured the Owasp.CsrfGuard.properties
 
What do we have to do in order the javascriptServlet to be called? I've tried to put the script :
 
<script src="/JavaScriptServlet"></script> in my pages but I dont think the servlet is called.
 
So I always have the following error in the console :
 
[Error] potential cross-site request forgery (CSRF) attack thwarted

as if the script wasn't called...
 
Does someone have an idea?

Thanks in advance for your help

Cecile 
 
 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-csrfguard/attachments/20120315/64a2b9bd/attachment.html>


More information about the Owasp-csrfguard mailing list