Problem with rest service calls

40 views
Skip to first unread message

Guy Poulalion

unread,
Mar 18, 2016, 4:35:40 AM3/18/16
to LightLink.io community support
Hello Vitaliy,

I have no problem to use lightlink with direct js api calls in my javascript code.

But, when I try to call my sql definitions with a rest service, I have the error below :

{"success":false,"csrf_error":true}

Other thing, I have remarked that the object "csrf" is not definied in the javascript console...

Can you help me please ?


Regards,

Guy

Vitaliy Shevchuk

unread,
Mar 22, 2016, 6:44:39 PM3/22/16
to LightLink.io community support
Hello Guy,

I'll have to document the "csrf" story and features of lightlink. 


To make REST service work without CSRF token check, you can try with this in web.xml 

<servlet>
    <servlet-name>RestServlet</servlet-name>
    <servlet-class>io.lightlink.servlet.RestServlet</servlet-class>
    <init-param>
        <param-name>No-CSRF-token-check</param-name>
        <param-value>true</param-value>
    </init-param>
</servlet>
You need the 1.0.4 version of lightlink
More about CSRF: https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet#General_Recommendation:_Synchronizer_Token_Pattern

Regards,
Vitaliy

Guy Poulalion

unread,
Mar 23, 2016, 2:17:24 AM3/23/16
to LightLink.io community support
It work fine :-)

Thank you so much.


Regards,

Guy

Reply all
Reply to author
Forward
0 new messages