Open Closed

Removing Mobile Clients from CSRF token validation #904


User avatar
0
wgodfrey_pernix created
  • ABP Framework version: v4.2.0
  • UI type: MVC
  • DB provider: EF Core

Hi ABP,

What is the process to remove an external API client from CSRF validation. At the moment we have to disable CSRF tokens as there is no clear method in the documentation on how to filter specific by external API client etc. I've currently got the Autovalidation disabled at the HTTP API module but I'm concerned this also impacts our Web Layer.

Configure<AbpAntiForgeryOptions>(options =>
            {
                options.AutoValidate = false;
            });

Kind Regards, William Godfrey


1 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Let's discuss in Github, Thanks

    https://github.com/abpframework/abp/issues/7724

Made with ❤️ on ABP v9.1.0-preview. Updated on November 11, 2024, 11:11