how to implement csrf protection for cross domain requests

Question

I have two web apps, one for the Web UI in AngularJS and one for the REST webservices in Java. Both are deployed on separate domains.

The applications uses cookie for au

Answer 1

$http docs : Angular provides a mechanism to counter XSRF. When performing XHR requests, but will not be set for cross-domain requests.

This is a small lib put together might help you https://github.com/pasupulaphani/angular-csrf-cross-domain