403 CSRF verification failed - request aborted

Article ID: 245430

Updated On:

Products

Symantec ZTNA

Issue/Introduction

Users cannot log in to web applications while using SAC.

The login page comes up; however, when attempting to log in, SAC returns an HTTP 403 error.

After reviewing a HAR file, it is observed that the destination web server responded with the following error message:

 

Environment

Secure Access Cloud

Cause

The site has implemented CSRF mitigations such as CSRF Tokens and CSRF Cookies.

The error message states that the site requires a CSRF cookie when submitting forms. This indicates that the origin site has implemented SameSite cookies to defend against CSRF attacks.

Resolution

Contact the application vendor and ask them to allow (add to the whitelist) your SAC domain or custom domains to bypass the CSRF check.
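
The sketch below is an added example, not code from Broadcom or from the application vendor. It shows the kind of origin allowlist the vendor would extend, assuming the application validates the browser's `Origin` header against its own `Host` plus a list of trusted origins. The hostnames and the `origin_allowed` and `handle_login` helpers are constructed for illustration.

```python
from urllib.parse import urlsplit

def origin_allowed(origin, host, trusted_origins, scheme="https"):
    """Decide whether a state-changing request's Origin header is acceptable."""
    got = urlsplit((origin or "").lower())
    if not got.scheme or not got.netloc:
        return False  # absent, "null" or malformed Origin
    if (got.scheme, got.netloc) == (scheme, host.lower()):
        return True  # same origin as seen by the application
    for entry in trusted_origins:
        want = urlsplit(entry.lower())
        if want.scheme != got.scheme:
            continue  # an https entry never trusts an http origin
        if want.netloc == got.netloc:
            return True
        # "*.domain" trusts subdomains only; keeping the leading dot stops
        # look-alikes such as "evilsac.example" from matching.
        if want.netloc.startswith("*.") and got.netloc.endswith(want.netloc[1:]):
            return True
    return False

# Constructed hostnames (assumptions, not taken from the article).
APP_HOST = "portal.internal.example"       # Host header the application sees
SAC_ORIGIN = "https://portal.sac.example"  # Origin the browser sends via SAC

def handle_login(origin, trusted_origins):
    """Return the HTTP status the login POST would receive."""
    return 200 if origin_allowed(origin, APP_HOST, trusted_origins) else 403

if __name__ == "__main__":
    print("before allowlisting:", handle_login(SAC_ORIGIN, []))
    print("after allowlisting: ", handle_login(SAC_ORIGIN, ["https://*.sac.example"]))
```

Listing the exact SAC or custom domain keeps the allowlist narrower than a wildcard entry.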