AEM Sparks: CSRF Framework ClientLib

05287_AEM-Spark_CSRF-Framework-ClientLib

Starting with Adobe Experience Manager 6.1, there’s a new Cross-Site Request Forgery framework baked into AEM; you may have noticed this when your POST requests started getting rejected. There’s a simple way to make sure your form includes the correct code so that it can obtain a CSRF token. Just use the following in your HTL somewhere inside the <form> tag:

If you have a better solution to this problem that you’d like to share, contact us at info@aempodcast.com.