KB Article #177297

Scan detected XSRF on API dashboard (port 8090)

Problem

-- A vulnerability scan reported a Cross-Site Request Forgery (XSRF, also written CSRF) finding against the Node Manager's API dashboard on port 8090.

Resolution

* This is due to missing safety checks in the Node Manager's configuration: the 'api' servlet that serves the management REST API on port 8090 is deployed without a CSRF protection filter. For 7.4 it will be corrected in a future service pack (7.4.0 SP 2). Existing installs can work around the issue by registering the filter by hand with the following procedure:


  1. Stop the Node Manager.
  2. Using the 'open file' option on the very first screen in Policy Studio (PS), load the Node Manager's configuration from /apigateway/conf/fed/configs.xml. If you do not have PS installed on the server, copy the entire /conf/fed folder to a machine that does have PS, make the edits described below, then copy the folder back after step 5.
  3. Navigate to Node Manager | Listeners | Node Manager | Management Services | Paths | api ('api') Servlet, then right-click the 'api' servlet and choose 'Edit'.
  4. Click 'Add' to add a servlet property to the 'api' servlet with the following values:
    Name: com.sun.jersey.spi.container.ResourceFilters
    Value: com.vordel.common.apiserver.filter.CsrfProtectionFilterFactory
  5. Click 'OK' and close PS. If you moved the configuration to another machine for editing, this is where you copy the files back to the Node Manager.
  6. Restart the Node Manager.


This property registers CsrfProtectionFilterFactory as a Jersey resource filter on the 'api' servlet. The filter performs a referer check on incoming requests, so a request whose Referer points at a site other than the Node Manager's own dashboard is refused, which defeats XSRF attacks launched from a page the administrator happens to have open elsewhere. Note that this is a referer check rather than a token check: it depends on the browser sending a Referer (or Origin) header, so after restarting the Node Manager confirm both halves of the behaviour. A state-changing request to the API carrying a foreign Referer (for example, curl with -H 'Referer: https://attacker.example/') should be refused, and the dashboard itself, whose requests carry the Node Manager's own origin, should keep working.
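To make the mechanism concrete, here is an added illustrative implementation of a Referer/Origin-based CSRF check in Python. It is not the source of the Vordel CsrfProtectionFilterFactory (which is not published on this page) and the trusted origin https://nodemanager.example.com:8090 is an assumption; it shows the decisions such a filter has to make, including the edge cases that are easy to get wrong: a host that merely starts with the trusted hostname, a garbage port, a scheme mismatch, and a request with no header at all.

```python
"""Illustrative Referer/Origin CSRF check (added example; not the Vordel
CsrfProtectionFilterFactory, whose source is not shown on this page).

A request passes only when its Origin (preferred) or Referer header names
exactly the origin the Node Manager dashboard is served from. The dashboard
origin below is an assumption for the example.
"""
from urllib.parse import urlsplit

# Assumed dashboard origin: scheme, host AND port must all match.
TRUSTED_ORIGINS = {("https", "nodemanager.example.com", 8090)}

# Methods that must not change state. A CSRF check normally lets these
# through so that ordinary navigation and the dashboard's own reads work.
SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}


def _origin_of(url):
    """Return (scheme, host, port) for an absolute http(s) URL, else None.

    Comparing the parsed tuple, not the raw string, is what stops the
    classic prefix trick (https://nodemanager.example.com.evil.example/).
    """
    try:
        parts = urlsplit(url)
        host = parts.hostname          # already lower-cased by urlsplit
        port = parts.port              # raises ValueError on a non-numeric port
    except ValueError:
        return None
    if parts.scheme not in ("http", "https") or not host:
        return None
    if port is None:
        port = 443 if parts.scheme == "https" else 80
    return (parts.scheme, host, port)


def csrf_check(method, headers):
    """Decide whether a request passes the referer check.

    headers: mapping of header name -> value (case-insensitive names).
    Returns (allowed, reason).
    """
    method = method.upper()
    h = {k.lower(): v for k, v in headers.items()}
    if method in SAFE_METHODS:
        return True, "safe method"
    # Origin is checked first: browsers send it on cross-site POSTs even
    # when a referrer policy suppresses Referer, and a page cannot forge it.
    # A literal "null" Origin (opaque origin) parses to None and is refused.
    for name in ("origin", "referer"):
        value = h.get(name)
        if value is None:
            continue
        if _origin_of(value) in TRUSTED_ORIGINS:
            return True, f"{name} matches trusted origin"
        return False, f"{name} {value!r} is not a trusted origin"
    # Neither header present: fail closed, otherwise a cross-site form post
    # with Referer stripped would sail straight through.
    return False, "no Origin or Referer header"


if __name__ == "__main__":
    # Constructed sample requests, not captured traffic.
    samples = [
        ("POST", {"Referer": "https://nodemanager.example.com:8090/api/topology"}),
        ("POST", {"Referer": "https://attacker.example/csrf.html"}),
        ("POST", {"Referer": "https://nodemanager.example.com.evil.example:8090/"}),
        ("POST", {"Referer": "https://nodemanager.example.com:8090.evil.example/"}),
        ("POST", {"Referer": "http://nodemanager.example.com:8090/"}),
        ("POST", {"Origin": "null"}),
        ("POST", {}),
        ("GET", {}),
    ]
    for method, headers in samples:
        allowed, reason = csrf_check(method, headers)
        print(f"{method:5} {headers!s:70} -> {'allow ' if allowed else 'refuse'} ({reason})")
```

Two design points carry over to checking the real filter after the restart: the comparison must be on the parsed origin (scheme, host, port) rather than a string prefix, and a state-changing request with no Referer at all should be refused rather than waved through, so test that case against the live Node Manager as well as the obvious foreign-Referer one.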