Forum Discussion

Cirrostratus

Apr 18, 2016

Using ASM and CSRF with Angular

Does any one have experience using ASM CSRF with the Angular framework? I see the in normal responses for HTML that the CSRT URL parameter is appended to for subsequent requests. However, our Angul...

Historic F5 Account

Apr 26, 2016

I am not sure I understand the Angular framework document you posted, but it appears to me that the XSRF functionality you are describing is basically Angular's method to prevent CSRF. In order to leverage Angular's protection, it asks for a unique cookie that the server understands, but that's all. That the cookie is generated by the server's implementation of CSRF protection is not what it seems to want. Based on that, it seems to me that Angular's XSRF-TOKEN and related are separate and independent of ASM's CSRF.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Using ASM and CSRF with Angular

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

APM Portal Access & Angular Js issue

APM Security: Protecting Internal Resources Using ACLs

Which TLS algorithm should I use?

Form base sso for MVC ANGULAR 5

Using BIG-IQ for BIG-IP VE Lifecycle Management

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS