I am able to preview VF page from Developer Console when the CSRF is unchecked. When the "Require CSRF protection on GET requests" is check I am not able to preview the VF page.. Can someone help me please?

January 6, 2022
·
Like
0
·
Follow
0

Best Answer chosen by Maverick26

Swetha (Salesforce Developers)
HI Sai Kiran,
Can you share the VF code?

Also recommend reviewing https://salesforce.stackexchange.com/questions/161301/critical-update-allow-csrf-protection-on-get-requests-to-visualforce-pages-c based on which,if the VF redirection logic is broken then look for places where you have used anchor tags and replace with one of the below formats
<apex:outputLink value="/apex/PageName">Link using apex:outputlink</apex:outputlink> <a href="{!$Page.PageName}">Link using $Page</a> <a href="{!URLFOR($Page.PageName)}">Link using URLFOR()</a>
Similarly, ensure all redirection happen via pagereference methods like below
public class customController { public PageReference getPage() { return new PageReference('/apex/PageName'); } public PageReference getPage1() { return Page.PageName; } }

If this information helps, please mark the answer as best. Thank you

January 7, 2022
·
Like
1
·
Dislike
0

This was selected as the best answer

Maverick26
Hi Swetha

Thanks for the reply, here I'm trying to the VP page which has CSRF token enabled and it in "Login Flow". This is the issue if it is a vf page
page reference would have been enough. But, it's a login flow.

Can you please help me with any of the approaches?

Thanks in advance.

February 2, 2022
·
Like
0
·
Dislike
0

You need to sign in to do that.

Need an account? Sign Up

Have an account? Sign In

Dismiss

Browse by Topic

Welcome to Support!

Show

sorted by

I am able to preview VF page from Developer Console when the CSRF is unchecked. When the "Require CSRF protection on GET requests" is check I am not able to preview the VF page.. Can someone help me please?

All Answers

You need to sign in to do that.