CSRF strict validation (instance security hardening)
Use the glide.security.csrf.strict.validation.mode property to enable strict validation of the CSRF token. With strict validation on, a write request whose CSRF token does not pass validation, including a token that has already been used, is rejected, which prevents the request from being resubmitted.
More information
| Attribute | Description |
|---|---|
| Property name | glide.security.csrf.strict.validation.mode |
| Configuration type | System Properties (/sys_properties_list.do) |
| Configure in Instance Security Center | Yes |
| Purpose | Enforces strict validation of the CSRF token and prevents its reuse. |
| Recommended value | true |
| Functional Impact | Adds an extra validation step before a user's write request is processed by the instance: the instance checks whether the current CSRF token has already been used. If it has, the write request is rejected. Because the check applies to every write request, a resubmission that reuses a token is rejected whether or not it was forged. |
| Security risk | (Medium) Cross-Site Request Forgery (CSRF) is a significant security risk that violates the integrity of instance data. An attacker can launch a CSRF attack against any instance user by abusing the trust the instance places in that user's authenticated browser session. With the help of social engineering, the user can be induced to submit a forged request to the instance on the attacker's behalf. |
To learn more about adding or creating a system property, see Add a system property.