Skip to main content

This content is closed to future replies and is no longer being maintained or updated.
Links may no longer function. If you have a similar request, please write a new post.

Question

 Venkata Viswanatha Sharma Jonnalagadda (_JVV_Sharma)
PEGA
Technical Lead
Pega Systems
IN
_JVV_Sharma Member since 2011 43 posts
PEGA
Posted: Oct 16, 2017
Last activity: Oct 16, 2018
Posted: 16 Oct 2017 13:55 EDT
Last activity: 16 Oct 2018 12:03 EDT
Closed

Cross Site Request Forgery Attack

While we were having the performance test run on an environment, we saw below alert occurred many times (3600 times or so). ( automated load test with 125 users and 13000 transactions)

Cross Site Request Forgery attack detected and was blocked. Invalid CSRF token sent in request. Token from client : xxxxx, Expected Token = xxxxx

While we doubt that the automation scripts have tried to use inappropriate session ID, anyone can help with quick pointers?

***Edited by Moderator Marissa to remove error****


**Moderation Team has archived post**


This post has been archived for educational purposes. Contents and links will no longer be updated. If you have the same/similar question, please write a new post.

To see attachments, please log in.
Security

Posted: 7 years ago
Posted: 16 Oct 2017 14:20 EDT
Venkata Viswanatha Sharma Jonnalagadda (_JVV_Sharma)
PEGA
Technical Lead
Pega Systems
IN

Ours is a Pega 7.2.2 claims application which is built on CSI 7.2.2.

Is there any other detail you need here?

To see attachments, please log in.

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice