Uploaded image for project: 'camunda BPM'
  1. camunda BPM
  2. CAM-10836

Add property to disable CsrfPreventionFilter

XMLWordPrintable

    • Icon: Bug Report Bug Report
    • Resolution: Unresolved
    • Icon: L3 - Default L3 - Default
    • None
    • spring-boot 3.2.6
    • spring-boot
    • None

      When using the Spring Boot Starter there should be an option to disable CSRF prevention.
      Example: camunda.bpm.webapp.csrf.enabled=false (default: true)

      Spring Security contains also CSRF protection. It is enabled by default, but it can be disabled, see the Reference Guide. It would be consistent that CsrfPreventionFilter can be disabled too.

      The Camunda CsrfPreventionFilter can also cause errors like CAM-9589. In such cases it is difficult to programmatically disable this Filter.

      This could be a possible solution for the warning displayed in the user guide.

        This is the controller panel for Smart Panels app

              thorben.lindhauer Thorben Lindhauer
              rweisleder Roland Weisleder
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated: