on 2023 Feb 07 3:07 AM
Hello experts,
I face a confusing issue with SAM MDK 6.3.4 when it runs on iOS. I receive the following error on my first attempt to call the backend: CSRF token is missing. The issue is reproducible with the application Mobile Svc installed from AppStore as well as with custom MDK client build v.6.3.3 and 6.3.3
The service endpoint is OData v.4 and the error is observed only on iOS: on real device and simulator. It works without issue on Android
There are 2 strange things about the error:
{"error":{"code":"/IWBEP/CM_V4H_RUN/043","message":"CSRF token is missing","@SAP__common.ExceptionCategory":"CSRF_Token_Missing"}
Do you fetch this CSRF token during the application boarding? Do you use a technical user for this? Do you have any explanation or hint what I could miss and how I can further investigate is something is wrong with the application?
Regards,
Dimiter
Request clarification before answering.
We will need toe Mobile Services experts to weigh in here as I believe this is managed in the Mobile Services -> Destination Service -> Cloud Connector -> Backend chain.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Mobile Services experts,
Please help me to locate the reason for this issue and to address the solution. Here you are the details I have so far:
Any comment, hint, proposal will be highly appreciated
Best Regards,
Dimiter
Hi Dimiter,
I need more information and confirm with you:
Thanks
Wen-nan
bill.froelich
Hello wen-nan.chu
Thank you for the instructions how to activate network trace. I recorded the network activity, and I don’t see CSRF sent for our POST when application is running on iOS
Answers to your questions:
Comparing the traces for the application that runs with exact same mobile service configuration, I see that CSRF is returned for every GET call for both platforms. However, in traces for iOS session I don’t see the token used in the POST call
I also see that the GET calls are slightly different in both scenarios (the steps are identical and simple: when the application starts, I just try to perform call)
Let me know if you need more dataBest Regards,DimiterUser | Count |
---|---|
73 | |
30 | |
8 | |
8 | |
7 | |
6 | |
6 | |
4 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.