[
https://issues.apache.org/jira/browse/KNOX-198?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Larry McCay resolved KNOX-198.
------------------------------
Resolution: Fixed
> CSRF header support
> -------------------
>
> Key: KNOX-198
> URL: https://issues.apache.org/jira/browse/KNOX-198
> Project: Apache Knox
> Issue Type: New Feature
> Components: ClientDSL, Server
> Affects Versions: 0.3.0
> Reporter: Larry McCay
> Assignee: Larry McCay
> Fix For: 0.4.0
>
>
> Determine the approach for CSRF prevention and how to align with the
> protection that needs to be provided at the service endpoints themselves. The
> services need to provide this for when Knox is not deployed.
> Does Knox just pass through the custom header that is sent by the client?
> Does Knox have its own relationship and established header value with the
> services?
> How do we communicate the required header values and names to the Knox
> clients of various types - including Knox ClientDSL?
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
