Detail about CSRF token fetch request

2019 年 10 月 4 日
笔记

版权声明：本文为博主原创文章，遵循 CC 4.0 BY-SA 版权协议，转载请附上原文出处链接和本声明。

本文链接：https://jerry.blog.csdn.net/article/details/100849755

Created by Jerry Wang, last modified on Jun 17, 2015

updateSecurityToken
bTokenHandling
x-csrf-token
oServiceData.securityToken
ODataModel._createBatchRequest
ODataModel.prototype.refreshSecurityToken

Who has started this csrf token request? It is automatically done by oDataModel framework.

Now we know that everytime an HTTP post request is sent, the token will be forced to fresh from backend.

So it means it will not be repeatedly called every time we select another item in navigation list.

And by default, all oData instance should have set this flag as true, which could be observed in constructor.

And by default, all oData instance should have set this flag as true, which could be observed in constructor.

Created by Jerry Wang, last modified on Jul 22, 2015

updateSecurityToken
Security
Token
x-csrf-token
bTokenHandling 以opportunity为例：

如果token不available，就发Odata request到后台去取：

问题：this.bTokenHandling什么时候置为true？

在ODataModel的构造函数里。

Previous post

Error Message – 400 File is not contained in a resource root

Next post

how cross component navigation is achieved