Uploaded image for project: 'camunda BPM'
  1. camunda BPM
  2. CAM-10562

I can read the restriction introduced on the Starter by CSRF prevention

    Details

    • Type: Task
    • Status: Closed
    • Priority: L3 - Default
    • Resolution: Done
    • Affects Version/s: 7.12.0
    • Fix Version/s: 7.12.0, 7.12.0-alpha2
    • Component/s: documentation
    • Labels:
      None
    • Title Keywords:
      spring boot starter, webapp, csrf

      Description

      Given:
      As a user of the Camunda Spring Boot Starter, I can use the Camunda Webapps which have the CSRF Prevention Filter enabled.

      When:
      I try to implement my own @RequestMapping("/api")

      Then:
      Requests to it will fail, and my current session will be closed since no CSRF token will be present.

      Expected:
      I can read about this limitation and not create a RequestMapping on "/api".

      Note:
      Reported as a problem on the forum: https://forum.camunda.org/t/startprocessinstancebykey-on-rest-api-postmapping/13508/16?u=nikola.koevski

        Activity

        There are no comments yet on this issue.

          People

          • Assignee:
            Unassigned
            Reporter:
            nikola.koevski Nikola Koevski
          • Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development