Bookshelf Home | Contents | Index | PDF |
Web Services Reference for Oracle Billing Insight > Customizing RESTful Resources > About Authentication and Authorization > About Protection From Cross-Site Request ForgeryOracle Billing Insight uses the server-side request filter, com.sun.jersey.api.container.filter.CsrfProtectionFilter, to protect from a cross-site request forgery (CSRF) attack. The request filter checks for an X-Requested-By header in incoming HTTP requests other than GET, OPTIONS, or HEAD, by default. If the header is not found, then Response.Status.BAD_REQUEST returns. You must add an X-Requested-By header with an arbitrary value to all HTTP POST, PUT and DELETE requests sent to your REST endpoints. |
Web Services Reference for Oracle Billing Insight | Copyright © 2017, Oracle and/or its affiliates. All rights reserved. Legal Notices. | |