Create cross-site request forgery (CSRF) Allowlists for B2C Commerce
Configure how your site handles CSRF allowlists.
Required Editions
Available in: B2C Commerce
In Business Manager click App Launcher , and then select Administration > Global Preferences > Security and
select the CSFR Settings tab.
Configure two types of CSRF allowlists: allowlists for pairs of pipelines
and start nodes, and allowlists for user agents.
To allowlist a pipeline and start node, enter the names of the pipeline and
start node in the Add Pipeline/Start Node to Allowlist fields, and click
Add Pipeline/Startnode.
Repeat this step to allow additional pipeline/startnode pairs.
To allowlist a user agent, select an instance type from the Instance Type dropdown,
enter the name of the user agent in the Add UserAgent to Allowlist field, and
click Add UserAgent.
Repeat this step to allowlist additional user agents.
We use three kinds of cookies on our websites: required, functional, and advertising. You can choose whether functional and advertising cookies apply. Click on the different cookie categories to find out more about each category and to change the default settings.
Privacy Statement
Required Cookies
Always Active
Required cookies are necessary for basic website functionality. Some examples include: session cookies needed to transmit the website, authentication cookies, and security cookies.
Functional Cookies
Functional cookies enhance functions, performance, and services on the website. Some examples include: cookies used to analyze site traffic, cookies used for market research, and cookies used to display advertising that is not directed to a particular individual.
Advertising Cookies
Advertising cookies track activity across websites in order to understand a viewer’s interests, and direct them specific marketing. Some examples include: cookies used for remarketing, or interest-based advertising.
