Hi Swati, Please refer - https://docs.wso2.com/display/IS530/Mitigating+Cross+Site+Request+Forgery+(CSRF)+Attacks
Thank you! On Tue, Mar 13, 2018 at 10:31 AM, Swati Jain (ITPF) <swat...@india.nec.com> wrote: > Hello sir, > > > > I have query regarding the CSRF implementation, we want to login on API > manager console without skipping the CSRF protection. I found a JIRA bug > ID- https://wso2.org/jira/browse/APIMANAGER-5244 in which they have > mention that “We can skip CSRF protection for the particular URL/s as in > following config.” > > > > org.owasp.csrfguard.unprotected.Services=%servletContext%/xxxxxxxx/*. > > > > So please let me know there is any other solution for this. > > > > Thanks & Regards > > Swati Jain > -- *Pubudu Gunatilaka* Committer and PMC Member - Apache Stratos Senior Software Engineer WSO2, Inc.: http://wso2.com mobile : +94774078049 <%2B94772207163>
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev