Sign Up ›
  • Mateusz Zwierzynski
  • NEWBIE
  • 0 Points
  • Member since 2016
  • Finally
  • Chatter
    Feed
  • 0
    Best Answers
  • 0
    Likes Received
  • 0
    Likes Given
  • 1
    Questions
  • 0
    Replies
2 replies

Stuck in trailhead - (Prevent Cross-Site Request Forgery (CSRF))

Dear Colleagues,

I'm stuck in trailhead section Prevent Cross-Site Request Forgery (CSRF). While checking challenge, everytime error appears. The code works as expected. Do you have any idea what's wrong? 

<apex:page controller="CSRF_Challenge" sidebar="false" tabStyle="CSRF_Challenge__tab">
<apex:sectionHeader title="CSRF Challenge" />
<apex:form >
    <apex:pageBlock >
        <apex:pageMessages />      
        <apex:pageBlockSection title="Demo" columns="1" id="tableBlock">

            <apex:pageBlockTable value="{!Requisitions }" var="req">
                <apex:column headervalue="Castle">
                    <apex:outputfield value="{!req.Castle__c}" />
                </apex:column>             
                <apex:column headervalue="Resource">
                    <apex:outputfield value="{!req.Resource__c }" />
                </apex:column> 
                <apex:column headervalue="Quantity">
                    <apex:outputfield value="{!req.Quantity__c}" />
                </apex:column>
                <apex:column headervalue="Name">
                    <apex:outputfield value="{!req.Name}" />
                </apex:column> 
                <apex:column headervalue="Approved">
                    <apex:outputfield value="{!req.Approved__c}" />
                </apex:column>                                                  
               <apex:column headervalue="Approval Action">
                    <apex:outputLink target="_new" value="/apex/CSRF_Challenge?approve={!req.id}">Approve This Requisition</apex:outputLink>
                </apex:column>
                <apex:column headervalue="Approval Action (NO CSRF)">
                    TBD
                    <!-- complete challenge here -->
                    <apex:commandLink value="Approve This Requisition" action="{!approveReqNOCSRF}"> <apex:param name="accId" value="{!req.id}" assignTo="{!approve}"/> </apex:commandLink>
                </apex:column>                                                                                               
            </apex:pageBlockTable>
       
        </apex:pageBlockSection>
        <apex:pageBlockSection title="Code links" columns="1">
            <apex:outputPanel >
                <ul>
                    <li><c:codeLink type="Visualforce" namespace="" name="CSRF_Challenge" description="Visualforce Page"/></li>            
                    <li><c:codeLink type="Apex" namespace="" name="CSRF_Challenge" description="Apex Controller"/></li>
                </ul>
            </apex:outputPanel>        
        </apex:pageBlockSection>        
    </apex:pageBlock>          
</apex:form>              
</apex:page>