Forum Discussion

Nimbostratus

Oct 01, 2014

ASM CSRF Expiration Time token

Hello I have recently implemented CSRF protection on few web based applications, so far so good but now I would like to enable expiration-time on the token so that it will be renewed every x sec...

MVP

Nov 17, 2014

i don't believe it works quite like that. it is the time the cookie is valid for after the page has been send, else you get an event that it isn't valid and you have to submit the request again ( i believe that means reloading the page ).

so i wouldn't set it too low because your users will get blocked requests.

Forum Discussion

ASM CSRF Expiration Time token

Recent Discussions

What is the meaning is 52% block in WAF

AS3 Monitoring multiple ports selectively

Open Redirection Mitigation

Portal Access to HTTPS resources slow

How to Implement 2 Way SSL in F5 LTM

Related Content

iControl REST Authentication Token Management

LTM Certificate expire

question of limitation and expiration for rest api token

How To Protect Your Applications from Cross Site Request Forgery (CSRF) with F5 Distributed Cloud

set TOKEN [getfield [HTTP::uri]