Cross-Site Request Forgery (CSRF) protection

The Runtime applies Cross-Site Request Forgery (CSRF) protection, using a variant of the Synchronizer Token pattern, to POST requests to the /session/ URL pattern. Only Blueriq's own controllers are protected, as customers may use other methods or frameworks for this purpose. Both Spring MVC and ASP.NET MVC have specific methods for CSRF protection. The CSRF mechanism is as follows:

...