When we enable CSRF Protection, it block all other Get Request aswell; In the event log it is showig as CSRF blocked.
Kindly suggest we are using 12.X version.
Note: How do we verify that browser actually using the csrf token for the request ?
Have you seen this support article? Overview of the BIG-IP ASM CSRF protection feature
Hope this helps,