Last activity: 16 Oct 2018 12:03 EDT
Cross Site Request Forgery Attack
While we were having the performance test run on an environment, we saw below alert occurred many times (3600 times or so). ( automated load test with 125 users and 13000 transactions)
Cross Site Request Forgery attack detected and was blocked. Invalid CSRF token sent in request. Token from client : xxxxx, Expected Token = xxxxx
While we doubt that the automation scripts have tried to use inappropriate session ID, anyone can help with quick pointers?
***Edited by Moderator Marissa to remove error****
**Moderation Team has archived post**
This post has been archived for educational purposes. Contents and links will no longer be updated. If you have the same/similar question, please write a new post.