Warm tip: This article is reproduced from serverfault.com, please click
alexa hana http token

How do I set the X-CSRF-Token correctly in an Alexa POST Request to SAP HANA? (403 error)

发布于 2017-12-19 19:46:08

I have a problem with the x-csrf-token validation with regard to a HTTPS-Post-Request. The request comes from a Lambda function triggered by an Amazon Alexa skill and is sent to a XSO Data file running on the SAP Cloud Platform in an SAP HANA Database. I use Javascript/Node.js.

A valid token is set in the request header (see code in the first picture below) but the response header shows for the x-csrf-token "required" (see code in the second picture below). So there is an error with the validation. The same post request with POSTMAN works correctly, but when I try it via a JS File as a Lambda function (in the first picture) there it comes this error with HTTP status code 403 (see code in the second picture below). The POST request itself does work, but the token validation not. GET requests work fine.

Does anybody know a possible solution?

Thank you very much!

1.picture: request

2.picture: response

Questioner
VfBPower123
Viewed
0
分享
Saswata Roy 2018-01-16 04:47:39

Please try to get the csrf token first before setting it to the request body. CSRF token changes from device to device as well as the timeframe. I also had a similar issue, and upon implementing the above solution, it started working perfectly.

VfBPower123 2018-01-16 10:22:09

Thanks for your answer. I already did it. I fetch the token via GET request, then I set it in the Post request body.

Saswata Roy 2018-01-16 12:46:33

might like to mark this as a correct answer since someone can get help from this thread :)

热门帖子

1
今天碰到的一个看似简单的算法问题卡的我头疼:余额和构成余额的交易的问题,问 GPT 也没结果
2
IPV6 太香了
3
最近同事的一句话让我一直耿耿于怀,大伙帮忙分析下
4
最便宜 2.5G 的 Wi-Fi6 光猫, F7615TV3 很不错
5
32 了失业好久,活不下去了,求一份远程工作,前端或者 nextjs 全栈
6
阿里 ECS 突然 CPU 和磁盘 IO 跑满,如何去查,给阿里提工单有用吗
7
公司下个月要裁员,现在要提桶跑路吗?
8
我这个到底是什么病,还有救吗
9
校园网限速,之前用 UDP 协议经过 53 端口可以跑满 500 兆,现在不行了,速度只有几 K,请问如何破。
10
有出服务器类发票的吗?

热门github

1
A multi-platform library for OpenGL, OpenGL ES, Vulkan, window and input
2
Dev tool that writes scalable apps from scratch while the developer oversees the implementation
3
shadcn/ui, but for Svelte. ✨
4
The Python Risk Identification Tool for generative AI (PyRIT) is an open access automation framework to empower security professionals and machine learning engineers to proactively find risks in their generative AI systems.
5
Performance-portable, length-agnostic SIMD with runtime dispatch
6
ZK Credo
7
OpenCodeInterpreter: Integrating Code Generation with Execution and Refinement
8
Joplin - the secure note taking and to-do app with synchronisation capabilities for Windows, macOS, Linux, Android and iOS.
9
Mamba is a new state space model architecture showing promising performance on information-dense data such as language modeling, where previous subquadratic models fall short of Transformers. It is based on the line of progress on structured state space models, with an efficient hardware-aware design and implementation in the spirit of FlashAttention.
10
This repository contains System Design resources which are useful while preparing for interviews and learning Distributed Systems
11
Curso para aprender el lenguaje de programación Python desde cero y para principiantes. 75 clases, 37 horas en vídeo, código, proyectos y grupo de chat. Fundamentos, frontend, backend, testing, IA...
12
🎓 Path to a free self-taught education in Computer Science!
13
1️⃣🐝🏎️ The One Billion Row Challenge -- A fun exploration of how quickly 1B rows from a text file can be aggregated with Java
14
A collective list of free APIs
15
📚 Freely available programming books