Type: Bug Report
Priority: L3 - Default
Affects Version/s: 7.11.0
Fix Version/s: None
Title Keywords:Camunda Cockpit, X-XSRF-TOKEN
When trying to edit an object variable of a process instance in Camunda Cockpit, the X-XSRF-TOKEN header is not send in the post request, which results in a 500 Internal Server Error, the variable not getting changed and getting logged out.
- Go to a running process instance in Camunda Cockpit
- Click on the Value of an Variable that is of the type Object
- In the now open Form go to the Deserialized tab and change the value there.
- Click the Change Button.
After that you see the error that the variable could not be changed successfully, and after you try to navigate to somewhere else you get redirected to the login page.
java.lang.IllegalStateException: Cannot create a session after the response has been committed
All other POST requests work as expected and have the header "X-XSRF-TOKEN" included in the request (Like the request sent when changing a simple property, like String or Long).