Uploaded image for project: 'camunda BPM'
  1. camunda BPM
  2. CAM-11758

Camunda BPM Run: default CSRF prevetion config does not work for Firefox

XMLWordPrintable

    • Icon: Bug Report Bug Report
    • Resolution: Cannot Reproduce
    • Icon: L3 - Default L3 - Default
    • None
    • 7.13.0
    • run
    • None

      When I start Camunda BPM Run with the default configuration, loggingin with the demo credentials is not possible due to a CSRFPreventionFilter error.

      This only ocurrs when using Firefox with the CE and the EE version of Run and only with the default configuration. The production configuration sets some CSRF properties and this works fine with Firefox. This might be related to CAM-10791.

      Tested with:

      • Camunda BPM Run 7.13.0-alpha3(-ee)
      • H2
      • Firefox 74
      • Windows 10

      Expected behavior:
      When starting with the default configuration, the login works as expected.

        This is the controller panel for Smart Panels app

          1. image-2020-04-09-10-09-25-953.png
            image-2020-04-09-10-09-25-953.png
            14 kB

            [CAM-11758] Camunda BPM Run: default CSRF prevetion config does not work for Firefox

            Miklas Boskamp added a comment -

            I could not reproduce it a second time. Must have been a browser caching issue.
            The fix was applied with https://github.com/camunda/camunda-bpm-spring-boot-starter/pull/335 to spring-boot-starter and thus is used in Camunda BPM Run.

            Miklas Boskamp added a comment - I could not reproduce it a second time. Must have been a browser caching issue. The fix was applied with https://github.com/camunda/camunda-bpm-spring-boot-starter/pull/335 to spring-boot-starter and thus is used in Camunda BPM Run.

              Unassigned Unassigned
              miklas.boskamp Miklas Boskamp
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: