
Spring Boot Starter Webapp filters cover Rest API

      Given:
      The following dependencies are used:

      • camunda-bpm-spring-boot-starter-webapp OR camunda-bpm-spring-boot-starter-webapp-ee
      • camunda-bpm-spring-boot-starter-rest

      When:
      A modifying HTTP Request (POST/PUT/DELETE) is sent through the Rest API.

      Then:
      An Internal Server Error is reported (500), with message: Cannot create a session after the response has been committed.

      Expected:
      The Rest API can be used together with the Webapps in the Spring Boot Starter.

      Hint:
      The reason for the bug is that all resources in the starter are put on the root context path. This creates an overlap for the URL patterns of the Webapps and Rest API, causing CSRF validation of Rest requests.
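
The overlap described in the hint can be checked mechanically. The following is an added example, not code from the issue or from the Camunda project: it applies Servlet-style URL-pattern matching to list which filters cover a request path. The filter name `csrfFilter` and the paths `/rest`, `/app` and `/api` are assumptions made for illustration, and the scoped mapping is not a statement of how the issue was fixed.

```java
import java.util.*;

/** Added illustration: audit which filter mappings cover a given request path. */
public class FilterOverlapCheck {

    // Servlet mapping rules: "/*" matches all, "/x/*" is a path prefix,
    // "*.ext" is an extension match, anything else must match exactly.
    static boolean matches(String pattern, String path) {
        if (pattern.equals("/*")) return true;
        if (pattern.endsWith("/*")) {
            String prefix = pattern.substring(0, pattern.length() - 2);
            return path.equals(prefix) || path.startsWith(prefix + "/");
        }
        if (pattern.startsWith("*.")) return path.endsWith(pattern.substring(1));
        return pattern.equals(path);
    }

    // Names of all filters that have at least one pattern matching the path.
    static List<String> filtersCovering(Map<String, List<String>> mappings, String path) {
        List<String> hit = new ArrayList<>();
        mappings.forEach((filter, patterns) -> {
            if (patterns.stream().anyMatch(p -> matches(p, path))) hit.add(filter);
        });
        return hit;
    }

    public static void main(String[] args) {
        // Constructed request paths (hypothetical, not taken from the issue).
        String restCall = "/rest/task/123/complete";   // modifying REST request
        String webappCall = "/app/tasklist/default/";  // webapp page

        // Webapp CSRF filter registered on the root: it also covers REST paths.
        Map<String, List<String>> overlapping = new LinkedHashMap<>();
        overlapping.put("csrfFilter", List.of("/*"));

        // Same filter restricted to webapp paths only (assumed prefixes).
        Map<String, List<String>> scoped = new LinkedHashMap<>();
        scoped.put("csrfFilter", List.of("/app/*", "/api/*"));

        for (String path : List.of(restCall, webappCall)) {
            System.out.printf("%-26s overlapping=%s scoped=%s%n", path,
                filtersCovering(overlapping, path), filtersCovering(scoped, path));
        }
    }
}
```

A REST path that shows up under a session-based CSRF filter in such an audit is the condition the issue describes.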


            [CAM-10364] Spring Boot Starter Webapp filters cover Rest API

            Nikola Koevski created issue -
            Nikola Koevski made changes -
            Affects Version/s New: spring-boot 3.2.0 [ 15355 ]
            Affects Version/s New: spring-boot 3.1.0 [ 15315 ]
            Affects Version/s New: spring-boot 3.0.0 [ 15297 ]
            Affects Version/s New: spring-boot 2.3.0 [ 14993 ]
            Nikola Koevski made changes -
            Fix Version/s New: spring-boot 3.3.1 [ 15399 ]
            Nikola Koevski made changes -
            Status Original: Open [ 1 ] New: Ready [ 10005 ]
            Nikola Koevski made changes -
            Component/s Original: webapp [ 13552 ]
            Thorben Lindhauer made changes -
            Fix Version/s New: spring-boot 2.3.2 [ 15400 ]
            Fix Version/s New: spring-boot 3.0.3 [ 15401 ]
            Fix Version/s New: spring-boot 3.1.3 [ 15402 ]
            Fix Version/s New: spring-boot 3.2.3 [ 15403 ]
            Nikola Koevski made changes -
            Status Original: Ready [ 10005 ] New: In Progress [ 3 ]
            Nikola Koevski made changes -
            Assignee Original: Nikola Koevski [ nikola.koevski ] New: Yana Vasileva [ yana.vasileva ]
            Resolution New: Fixed [ 1 ]
            Status Original: In Progress [ 3 ] New: Resolved [ 5 ]
            Remaining Estimate New: 0 minutes [ 0 ]
            Original Estimate New: 0 minutes [ 0 ]
            Yana Vasileva made changes -
            Assignee Original: Yana Vasileva [ yana.vasileva ]
            Status Original: Resolved [ 5 ] New: Closed [ 6 ]

              Assignee: Unassigned
              Reporter: Nikola Koevski