Uploaded image for project: 'camunda BPM'
  1. camunda BPM
  2. CAM-10836

Add property to disable CsrfPreventionFilter

    XMLWordPrintable

    Details

    • Type: Bug Report
    • Status: Open
    • Priority: L3 - Default
    • Resolution: Unresolved
    • Affects Version/s: spring-boot 3.2.6
    • Fix Version/s: None
    • Component/s: spring-boot
    • Labels:
      None

      Description

      When using the Spring Boot Starter there should be an option to disable CSRF prevention.
      Example: camunda.bpm.webapp.csrf.enabled=false (default: true)

      Spring Security contains also CSRF protection. It is enabled by default, but it can be disabled, see the Reference Guide. It would be consistent that CsrfPreventionFilter can be disabled too.

      The Camunda CsrfPreventionFilter can also cause errors like CAM-9589. In such cases it is difficult to programmatically disable this Filter.

      This could be a possible solution for the warning displayed in the user guide.

        mgm-controller-panel

        This is the controller panel for Smart Panels app

          Attachments

            Issue Links

              Activity

                People

                Assignee:
                thorben.lindhauer Thorben Lindhauer
                Reporter:
                rweisleder Roland Weisleder
                Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                  Dates

                  Created:
                  Updated:

                    Salesforce