Your Achievements
Level 1
0% to
Level 2
Next /
to gain points, level up, and earn exciting badges like the new Applaud 5 BadgeLearn more!
View All BadgesSign in to view all badges
Open Alert Bar

Adding custom headers to forms2 POST request?

linodejt
Level 1
Level 1
6 hours ago
6 hours ago

Adding custom headers to forms2 POST request?

I have a need to add a custom header — e.g. `X-My-Custom-Header: my-header-value` — to the POST request sent by a marketo embed on a third-party website.  The header is needed by a security layer that we have protecting the subdomain used by our marketo instance.

 

Has anyone ever tried something like this?  Any creative javascript solution for intercepting/injecting the header into the POST request?

0 Likes
15
Reply
1 REPLY 1
SanfordWhiteman
Level 10 - Community Moderator
Level 10 - Community Moderator
5 hours ago
5 hours ago

Re: Adding custom headers to forms2 POST request?

This seems kind of silly from a security standpoint? If it’s a static value that you add to every form post, a malicious person can just see the header on your site and send it themselves using a crafted POST. (This is a general reality with marketing forms: you can’t add meaningful authentication layers to them, because by definition they’re on public pages.)

 

In any case, yes, it is possible if you point to a custom XDFrame. As long as nobody is thinking “our forms are protected against forgery now”.

0 Likes
11
Reply
Home