Muhannad_64809
Feb 25, 2018Nimbostratus
ASM- CSRF protection.
Dears,
We are encountering an issue with CSRF protection after upgrading to version 13.0.0 HF3, noting that we didn't have the issue in version 12.1.2.
The CSRF protection is breaking a youtube video (It is embedded in the HTML by iframe and Java scripts), As far as i know that the system only examines URLs that you add to the URL List. The system performs as though all other URLs are safe and does not examine them, in my case i am not specifying any URLs in the list but unfortunately the CSRF protection breaking some of the URLs.
I am wondering if there are any changes of the CSRF protection behavior in version 13.0.0 HF3 ?
Regards, Muhannad