How to add CSRF token to form in TeamCity 2020.1

I have a settings form in my plugin and since TC 2020.1 this form should be signed with csrf token.

Could you suggest how to add the CSRF token to settings form (JSP file)?

I tried to find similar plugin in JetBrains GitHub account, but unfortunately this attempt was failed.

4 comments
Comment actions Permalink

Hello Alex, 

  The CSRF token can be obtained from the HTTP session with session.getAttribute(CSRFFilter.ATTRIBUTE) or using AJAX call `https://your-server/authenticationTest.html?csrf`

   Hope this helps,

   KIR

0
Comment actions Permalink

Thanks for the answer, Kirill Maximov

So in my form I need to add hidden attribute with name from constant CSRFFilter.ATTRIBUTE and the value from the session, right?

0
Comment actions Permalink

Yes, this should work.

 

Best,

0
Comment actions Permalink

yes, it works, great!

 

Thank you

0

Please sign in to leave a comment.