Asset Type ID | iscsrfguardconfig |
Substitution Values | |
Enabled isEnabled | Specifies whether CSRF guard is enabled in Integration Server. ![]() ![]() |
Excluded User Agents excludedUser Agents | A list of user agents for which Integration Server is not to apply CSRF guard. If CSRF guard is enabled, Integration Server requires that HTTP requests coming from user agents that are not specified as excluded must contain CSRF secure tokens. |
Landing Pages landingPages | A list of landing pages for the packages in your Integration Server. A landing page is the home page for a package. Integration Server does not check for CSRF secure tokens in the landing pages, but inserts a token for that page. Integration Server guards all further requests from these landing pages with CSRF secure tokens. |
Unprotected URLs unprotected URLs | The URLs for which Integration Server is not to check for CSRF secure tokens. If CSRF guard is enabled, Integration Server requires that the requests coming from all URLs that are not specified as unprotected must contain CSRF secure tokens. |
Denial Action denialAction | Action that you want Integration Server to perform when it detects that a request does not contain a CSRF secure token or contains an invalid CSRF secure token. ![]() ![]() |