On 26/07/2016 11:18, Robert Alsdorff wrote: > Hey folks, > > during some tests I had several 403 Validation of CSRF security token > failed errors. Since it's only a testing system I'd like to disable > the CSRF checks but I don't find any information on how to do that. > Has anybody already done that and can help me out?
Assuming that the CSRF protection is provided by the standard Tomcat filter, remove the mapping for the CSRF filter in the web.xml of the application. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
