Uploaded image for project: 'camunda BPM'
  1. camunda BPM
  2. CAM-10562

I can read the restriction introduced on the Starter by CSRF prevention

XMLWordPrintable

      Given:
      As a user of the Camunda Spring Boot Starter, I can use the Camunda Webapps which have the CSRF Prevention Filter enabled.

      When:
      I try to implement my own @RequestMapping("/api")

      Then:
      Requests to it will fail, and my current session will be closed since no CSRF token will be present.

      Expected:
      I can read about this limitation and not create a RequestMapping on "/api".

      Note:
      Reported as a problem on the forum: https://forum.camunda.org/t/startprocessinstancebykey-on-rest-api-postmapping/13508/16?u=nikola.koevski

        This is the controller panel for Smart Panels app

            [CAM-10562] I can read the restriction introduced on the Starter by CSRF prevention

            Nikola Koevski created issue -
            Nikola Koevski made changes -
            Description Original: *Given:*
            As a user of the Camunda Spring Boot Starter, I can use the Camunda Webapps which have the CSRF Prevention Filter enabled.

            *When*:
            I try to implement my own {{@RequestMapping("/api")}}

            *Then:*
            Requests to it will fail, and my current session will be closed since no CSRF token will be present.

            *Expected:*
            I can read about this limitation and not create a RequestMapping on "/api".             		New: *Given:*
            As a user of the Camunda Spring Boot Starter, I can use the Camunda Webapps which have the CSRF Prevention Filter enabled.

            *When*:
            I try to implement my own {{@RequestMapping("/api")}}

            *Then:*
            Requests to it will fail, and my current session will be closed since no CSRF token will be present.

            *Expected:*
            I can read about this limitation and not create a RequestMapping on "/api".

            *Note:*
            Reported as a problem on the forum: https://forum.camunda.org/t/startprocessinstancebykey-on-rest-api-postmapping/13508/16?u=nikola.koevski
            Nikola Koevski made changes -
            Status Original: Open [ 1 ] New: In Progress [ 3 ]
            Nikola Koevski made changes -
            Assignee Original: Nikola Koevski [ nikola.koevski ] New: Tobias Metzke-Bernstein [ tobias.metzke ]
            Resolution New: Done [ 10000 ]
            Status Original: In Progress [ 3 ] New: Resolved [ 5 ]
            Remaining Estimate New: 0 minutes [ 0 ]
            Original Estimate New: 0 minutes [ 0 ]
            Tobias Metzke-Bernstein made changes -
            Assignee Original: Tobias Metzke-Bernstein [ tobias.metzke ]
            Status Original: Resolved [ 5 ] New: Closed [ 6 ]
            Martin Stamm made changes -
            Fix Version/s New: 7.12.0-alpha2 [ 15508 ]

              Unassigned Unassigned
              nikola.koevski Nikola Koevski
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: