Yusaku Sako created AMBARI-4338:
-----------------------------------
Summary: Porper error message required for CSRF protection error
Key: AMBARI-4338
URL: https://issues.apache.org/jira/browse/AMBARI-4338
Project: Ambari
Issue Type: Task
Reporter: Yusaku Sako
Ambari Server requires non-GET calls to be made with the "X-Requested-By" HTTP
header.
When a request made without the header (and CSRF option is turned on, which is
the default), it fails with error code 400 without any useful message.
The error message should clearly indicate that CSRF is turned on and that
X-Requested-By HTTP header is required.
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
