I am able to preview VF page from Developer Console when the CSRF is unchecked. When the "Require CSRF protection on GET requests" is check I am not able to preview the VF page.. Can someone help me please?
Also recommend reviewing https://salesforce.stackexchange.com/questions/161301/critical-update-allow-csrf-protection-on-get-requests-to-visualforce-pages-c based on which,if the VF redirection logic is broken then look for places where you have used anchor tags and replace with one of the below formats
<apex:outputLink value="/apex/PageName">Link using apex:outputlink</apex:outputlink>
<a href="{!$Page.PageName}">Link using $Page</a>
<a href="{!URLFOR($Page.PageName)}">Link using URLFOR()</a>
Similarly, ensure all redirection happen via pagereference methods like below
public class customController {
public PageReference getPage() {
return new PageReference('/apex/PageName');
}
public PageReference getPage1() {
return Page.PageName;
}
}
If this information helps, please mark the answer as best. Thank you
Also recommend reviewing https://salesforce.stackexchange.com/questions/161301/critical-update-allow-csrf-protection-on-get-requests-to-visualforce-pages-c based on which,if the VF redirection logic is broken then look for places where you have used anchor tags and replace with one of the below formats
<apex:outputLink value="/apex/PageName">Link using apex:outputlink</apex:outputlink>
<a href="{!$Page.PageName}">Link using $Page</a>
<a href="{!URLFOR($Page.PageName)}">Link using URLFOR()</a>
Similarly, ensure all redirection happen via pagereference methods like below
public class customController {
public PageReference getPage() {
return new PageReference('/apex/PageName');
}
public PageReference getPage1() {
return Page.PageName;
}
}
If this information helps, please mark the answer as best. Thank you
Thanks for the reply, here I'm trying to the VP page which has CSRF token enabled and it in "Login Flow". This is the issue if it is a vf page page reference would have been enough. But, it's a login flow.
Can you please help me with any of the approaches?
Can you share the VF code?
Also recommend reviewing https://salesforce.stackexchange.com/questions/161301/critical-update-allow-csrf-protection-on-get-requests-to-visualforce-pages-c based on which,if the VF redirection logic is broken then look for places where you have used anchor tags and replace with one of the below formats Similarly, ensure all redirection happen via pagereference methods like below
If this information helps, please mark the answer as best. Thank you
All Answers
Can you share the VF code?
Also recommend reviewing https://salesforce.stackexchange.com/questions/161301/critical-update-allow-csrf-protection-on-get-requests-to-visualforce-pages-c based on which,if the VF redirection logic is broken then look for places where you have used anchor tags and replace with one of the below formats Similarly, ensure all redirection happen via pagereference methods like below
If this information helps, please mark the answer as best. Thank you
Hi Swetha
Thanks for the reply, here I'm trying to the VP page which has CSRF token enabled and it in "Login Flow". This is the issue if it is a vf page
page reference would have been enough. But, it's a login flow.
Can you please help me with any of the approaches?
Thanks in advance.