This is an automated email from the ASF dual-hosted git repository.
mattyb149 pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/nifi.git
The following commit(s) were added to refs/heads/main by this push:
new 0dea0ae364 NIFI-10196 Corrected Jolt UI CSRF Header Handling
0dea0ae364 is described below
commit 0dea0ae364c3492d7f12b2238880729a2a55d3b0
Author: exceptionfactory <[email protected]>
AuthorDate: Mon Jul 11 21:53:07 2022 -0500
NIFI-10196 Corrected Jolt UI CSRF Header Handling
Signed-off-by: Matthew Burgess <[email protected]>
This closes #6198
---
.../nifi-jolt-transform-json-ui/src/main/webapp/app/app.js | 8 +++-----
1 file changed, 3 insertions(+), 5 deletions(-)
diff --git
a/nifi-nar-bundles/nifi-standard-bundle/nifi-jolt-transform-json-ui/src/main/webapp/app/app.js
b/nifi-nar-bundles/nifi-standard-bundle/nifi-jolt-transform-json-ui/src/main/webapp/app/app.js
index 1c81562913..4a127605df 100644
---
a/nifi-nar-bundles/nifi-standard-bundle/nifi-jolt-transform-json-ui/src/main/webapp/app/app.js
+++
b/nifi-nar-bundles/nifi-standard-bundle/nifi-jolt-transform-json-ui/src/main/webapp/app/app.js
@@ -19,11 +19,9 @@
var AppRun = function($rootScope,$state,$http){
- // Get the Request Token for CSRF mitigation and send on all requests
- if (nf.AuthorizationStorage.hasToken()) {
- var token = nf.AuthorizationStorage.getRequestToken();
- $http.defaults.headers.common['Request-Token'] = token;
- }
+ // Set CSRF Cookie and Header names to match Spring Security configuration
in StandardCookieCsrfTokenRepository
+ $http.defaults.xsrfCookieName = '__Secure-Request-Token';
+ $http.defaults.xsrfHeaderName = 'Request-Token';
$rootScope.$on('$stateChangeError', function(event, toState, toParams,
fromState, fromParams, error){
event.preventDefault();
