You need to sign in to do that
Don't have an account?
Alexander Tsitsura
Unable to complete Trailhead challenge: "Prevent Cross-Site Request Forgery (CSRF)"
Hi all
I am unable to complete this challenge because whenever I am clicking check button, I receive the error message.
I don't understand what is wrong. I removed the action handler from the apex:page tag and below the comment "<!-- complete challenge here -->" added command link.
Any advice?
Thanks,
Alex
I am unable to complete this challenge because whenever I am clicking check button, I receive the error message.
"Challenge Not yet complete... here's what's wrong:
It doesn't appear that you've added protection against CSRF. Make sure you re-write the outputlink to a commandlink that is not vulnerable to CSRF, that the action is no longer in the on-load method and the correct method is referenced by the command link"
It doesn't appear that you've added protection against CSRF. Make sure you re-write the outputlink to a commandlink that is not vulnerable to CSRF, that the action is no longer in the on-load method and the correct method is referenced by the command link"
I don't understand what is wrong. I removed the action handler from the apex:page tag and below the comment "<!-- complete challenge here -->" added command link.
<apex:page controller="CSRF_Challenge" sidebar="false" tabStyle="CSRF_Challenge__tab" > <!-- action="{!approveReq}" --> <apex:sectionHeader title="CSRF Challenge" /> <apex:form > <apex:pageBlock > <apex:pageMessages /> <apex:pageBlockSection title="Demo" columns="1" id="tableBlock"> <apex:pageBlockTable value="{!Requisitions }" var="req"> <!-- skipped --> <apex:column headervalue="Approval Action"> <apex:outputLink target="_new" value="/apex/CSRF_Challenge?approve={!req.id}">Approve This Requisition</apex:outputLink> </apex:column> <apex:column headervalue="Approval Action (NO CSRF)"> TBD <!-- complete challenge here --> <apex:commandLink value="Approve This Requisition" action="{!approveReqNOCSRF}"> <apex:param name="reqId" value="{!req.id}" assignTo="{!approve}"/> </apex:commandLink> </apex:column> </apex:pageBlockTable> </apex:pageBlockSection> <!-- skipped --> </apex:form> </apex:page>
Any advice?
Thanks,
Alex
<apex:param name="reqId" value="{!req.id}" assignTo="{!approve}"/>
to
<apex:param name="approve" value="{!req.id}" assignTo="{!approve}"/>
All Answers
<apex:param name="reqId" value="{!req.id}" assignTo="{!approve}"/>
to
<apex:param name="approve" value="{!req.id}" assignTo="{!approve}"/>
Jeff Douglas
Trailhead Developer Advocate
I am doiing the same, but it is not letting me save . getting error as
Error: Unknown property 'String.Castle__c'
Object has these fields.
I tried commenting. but no use.
Thanks.
This worked for me