Solved
How to create and validate CSRF tokens in traditional web applications
Question

Hi,

I am working on a traditional web application, and the client arranged third-party VPAT testing. As a result of the testing, we got one issue related to Cross-Site Request Forgery (CSRF). Their suggestion is: Properly validate CSRF tokens for all requests.

When I searched for this for OutSystems, I found it is enabled by default on OutSystems 10 or later. So I am not sure how to implement it. Please suggest.

Regards

Solution

Hi Vikas,

The OutSystems platform already has built-in protection against CSRF attacks.

For more information check out this article.

Regards,

Nordin


Hi Nordin,

Thanks for the update. But do we need to enable it manually, or is there something we need to enable from Service Center or LifeTime for this? As you said, it's already built in, but I am not sure why the VPAT testing result is showing this vulnerability. Kindly suggest.

Regards


Hi Nordin,

Thanks for the explanation. Your answer will help me explain this to the client.

Regards.