Forum Discussion

Cirrostratus

Apr 18, 2016

Using ASM and CSRF with Angular

Does any one have experience using ASM CSRF with the Angular framework? I see the in normal responses for HTML that the CSRT URL parameter is appended to for subsequent requests. However, our Angul...

Historic F5 Account

May 16, 2016

Walter, ASM CSRF protection doesn't have support for Angular. But AFAIK you can implement the CSRF protection by yourself via iRule. For example you can use hash value of the TS_Cookie as the CSRF token, give it to angular by setting the value of CSRF_TOKEN cookie and enforce the protection by verifying that the CSRF_Token HTTP Header sent by Angular does match the value of MD5 hash of the TS_Cookie. Does it makes sense?

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Using ASM and CSRF with Angular

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Automate scp transfers using password

Enhance your Application Security using Client-side signals

Mitigating OWASP API Security Top 10 risks using F5 NGINX App Protect

SSL Orchestrator Advanced Use Cases: Custom Blocking Pages

A look on APT operations and using F5 BIG-IP features for mitigation

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS