Forum Discussion

Cirrocumulus

Feb 16, 2018

ASM insert CSRF although not specify URL

Hi We're using LTM/ASM with v.12.1.3 and right now we see issue as we have enable CSRF protection but we didn't specify and URL in URL list. From my understanding, F5 should insert csr...

Nimbostratus

Feb 17, 2018

see https://support.f5.com/csp/article/K11930 | Configuring CSRF protection

In the URLs List, click the URLs you want the system to examine.

Add at least one URL to the list. The system considers all URLs that are not in the list to be safe, unless another problem is discovered.

Note: Type the URL in the format: /index.html, /*/index.php, or /index.?html.

if you enable the CSRF feature, you need to specify a URL.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

ASM insert CSRF although not specify URL

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

ACME DNS RFC-2136 Let's Encrypt certs

MAC users unable to access Internet when on Netskope

Could not communicate with the system. Try to reload page.

F5 mssql health monitor failing

DNS Traffic from floating IP to public IP of a VIP

Related Content

Strict header Insertion

Security Headers Insertion

Forwarded HTTP Extension Insertion (RFC 7239)

C3D and header insert

X Forwarded For Single Header Insert

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS