CSRF strict validation - glide.security.csrf.strict.validation.mode

Meenal Gharat
Giga Guru

Hello Experts,

I'm trying to set the glide.security.csrf.strict.validation.mode property to true, as per best practice.

Any thoughts or suggestions on how I can test the functionality, or how setting this property to true will impact other functionality?

Thanks and Regards,

Meenal

 

3 REPLIES

mit2324
Kilo Expert

Hi Meenal,

Did you get how to test the functionality?

Thanks,

Mithun

Jagmeet SIngh1
Tera Contributor

Hi Meenal/Mithun

Did you get how we can test this??

Thanks,

Jagmeet Singh

Mithun9
Mega Contributor

Hi Jagmeet,

1. Platform Error

  • Log in as a caseworker to the platform.
  • Open any record like Incident/task in a different tab and enter the details.
  • The user is then logged out of the instance due to inactivity for a long time.
  • The user/case agent logs in again to the instance and, when they try to submit the form, the warning message below is displayed and doesn't allow the user to submit the form.

       [Screenshot of the warning message]

 

Earlier, a Continue button used to appear; after making the property true, it's not visible in the warning. One risk I observed is that the user may lose the data they filled in the form. It also applies in the portal, so make sure to check both in the platform and the portal. There could be other changes also, but this is one way I have found.

Check this link also: https://community.servicenow.com/community?id=community_question&sys_id=06d54b21db1cdbc01dcaf3231f9619f3&view_source=searchResult

 

Thanks,

Mithun