Forum Discussion
MattV
9 months agoKhoros Staff
That is used by OOB components to prevent CSRF attacks (e.g. tricking a user to click on a url to perform an action they didn't intend to).
I believe the way this works on the backend, that token is included on links that are considered to be privileged (e.g. giving kudos), and it is checked on the server that it is the same value that is expected.
So the only way it would be useful in freemarker, is if you could verify the value.
Alternatively, what we do in Professional Services, is create our own random value, and store it in the user cache. We use that value on URLs that will typically call a custom endpoint. In that custom endpoint, we verify the value being sent with the one in the user cache.
Related Content
- 4 years ago
- 13 years agoInactive User
- 6 years ago