Salesforce Exam B2C Commerce Developer Topic 10 Question 53 Discussion

Actual exam question for Salesforce's B2C Commerce Developer exam

Question #: 53
Topic #: 10

In Log Center, a developer notes a number of Cross Site Request Forgery (CSRF) log entries. The developer knows that this happens when a CSRF token is either not found or is invalid, and is working to remedy the situation as soon as possible.

Which two courses of action might solve the problem?

Choose 2 answers

AAdd the token in the ISML template.

BExtend the CSRF token validity to avoid timeouts.

CDelete the existing CSRF whitelists in Business Manager.

DAdd csrfProtection.generateToken as a middleware step in the controller.

Show Suggested Answer

Suggested Answer: A

by Daniel at Sep 03, 2023, 12:59 PM

Limited Time Offer

25%

Off

Get Premium B2C Commerce Developer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Nadine

5 days ago

Extending the CSRF token validity? Nah, that's just kicking the can down the road. Better to address the root cause.

upvoted 0 times

...

Rebbecca

12 days ago

Adding the token in the ISML template is the right move. That's the standard way to include the CSRF token in the page.

upvoted 0 times

...

Tammara

13 days ago

I'm not sure about deleting the existing CSRF whitelists in Business Manager. Maybe adding csrfProtection.generateToken as a middleware step in the controller would be more effective.

upvoted 0 times

...

Domingo

15 days ago

I agree with Dominque. Extending the CSRF token validity might also be a good idea.

upvoted 0 times

...

Dominque

18 days ago

I think adding the token in the ISML template could help.

upvoted 0 times

...