Hi All,
I am facing a problem where in a HANA xsjs call which is protected using CSRF tokens fails from a mobile application.
Scenario:
Mobile application is built using Cordova and HTML5.
Ajax request is sent to retrieve data from a xsjs service.
Before the AJAX request is sent, i fetch the CSRF token and set it in the subsequent request's header.
But the request is rejected.
When i logged the tokens, i found that the CSRF tokens do not match between the 2 requests.
I looked into applications which are purely browser web apps, and see that on the mobile device the session id and other parameters which would be stored in a cookie in the browser are missing.
How do we overcome this problem?
Thanks,
Vidya