Alex Guziel created AIRFLOW-836: ----------------------------------- Summary: The two endpoints /paused and queryview perform state-changing action over HTTP GET Key: AIRFLOW-836 URL: https://issues.apache.org/jira/browse/AIRFLOW-836 Project: Apache Airflow Issue Type: Bug Reporter: Alex Guziel Assignee: Alex Guziel
These two endpoints change state and allow HTTP GET, allowing CSRF -- This message was sent by Atlassian JIRA (v6.3.15#6346)