Where in the code does the developer need to add this CSRF validation check?

To ensure SFRA best practices and protect against request forgery, the developer introduced CSRF token generation in the customer address form:

<form … action = “submit”>

<input name =”${dw.web.CSRFProtection.getTokenName()}”

value = “${dw.web.CSRFProtection.generateToken()”>



<the rest of the Form fields>



</form>

To implement CSRF protection when the form is submitted, the developer needs to introduce the CSRF

validation using one or both of these methods as applicable:

validateRequest

validateAjaxRequest

Where in the code does the developer need to add this CSRF validation check?
A . In the controller function that displays the form
B. In the middleware chain of the controller post route
C. In the controller function that handles the submitted form
D. In the model function that persists the form data

Answer: B

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments