We have react js app as frontend application and springboot api as backed enabled with CSRF, which run in different domain.
What is the best way to pass csrf token between rest API and react application.
Asked
Active
Viewed 862 times
1 Answers
0
Normally CSRF tokens are passed in payload of HTTP Request. If your REST API has no cookie dependency (eg: for Authentication), I dont see any need for CSRF Protection. You can refer this link for more details. https://security.stackexchange.com/questions/166724/should-i-use-csrf-protection-on-rest-api-endpoints
Arun
- 56
- 1
-
Thanks for you answer.We use jwt token authorization not via cookie but we do pass few values via cookies. – Parthipan Amirthalingam Nov 15 '21 at 08:23