can someone explain me what is the role of
syncId aswell as the
clientId ?
There are placed in the
csrf-token which is in turn placed in the http request.
I know that the
csrf token is a protection against csrf-attacks, but it contains more value than other csrf-token I have seen.
If you watch this webinar where we are configure performance testing with Jmeter, this question of yours gets covered pretty well too. https://www.youtube.com/watch?v=XQ1ws12W6gk
is the usage of the clientId something new? Because I look a page which is built with vaadin and using the network inspector showed me, that no clientId was visible…only the syncId.
To be honest the diffrence is not clear to me. In the video it says that the syncId takes care that no requests are dropped between other requests. A typical identifier for each request, but the clientId is the same too wright? The only difference I can see is that clientId increases from some client-side interactions only.
Synchronization tokens
To ensure messages are processed in the correct order, the framework uses two synchronization tokens internally: syncId (server-to-client) and clientId (client-to-server). Every time a new request is sent from a browser, the clientId is incremented by one and added to a payload. If the expected and received values do not match on a server, a re-synchronization attempt should be issued.
The syncId token, in contrast to the clientId, is incremented by one with every response from a server. A client always appends the last seen syncId value to a payload. This guarantees that requests are processed in the correct order on a server. If the received value is larger than expected, the operation is postponed until the missing messages arrive. A syncId’s value verification can be disabled in an application to simplify the load and scalability tests that are run.
We use cookies to serve our customers and website visitors in the best possible way. Cookies are used for the proper functioning of the website and for improving the user experience, monitoring visitor traffic and marketing purposes. By continuing to browse the site, you agree to our use of cookies. You can read more about cookies here.
We use cookies to serve our customers and website visitors in the best possible way. Cookies are used for the proper functioning of the website and for improving the user experience, monitoring visitor traffic and marketing purposes. By continuing to browse the site, you agree to our use of cookies. You can read more about cookies here.