Hi Tanya, This "csrf.js" file is not an actual JavaScript file. If you check section 4 of the document "Securing Jaggery Applications", you will notice that there is a new "servletMappings" which binds "JavaScriptServlet" with URL pattern "csrf.js". This Servlet is exposing a JavaScript which is then used by the template. I hope it is clear.
However, noticed that a relevant PR [1] is not in a Jaggery release yet. We will check this with Jaggery team and update relevant version details in the document itself and in this email thread for your reference, as quick as possible. [1] https://github.com/wso2/jaggery/pull/155 Thank you, Ayoma. On Fri, Jul 1, 2016 at 11:39 AM, Sudharma Subasinghe <[email protected]> wrote: > Hi, > > Error 405 - Method Not Allowed occurred for BPMN Explorer UI launching > request after adding configurations for jaggery apps. > > Are "/csrf.js" which is added in the header of HTML template in the app > and "/csrfPrevention.js" for management console same? > > Appreciate idea on this. > > Thanks > Sudhama > > -- > Sudharma Subasinghe, > Software Engineer, > WSO2 Inc. > Email: [email protected] <[email protected]> > Mobile : +94 710 565 157 <%2B94%20718%20210%20200> > -- Ayoma Wijethunga Software Engineer Platform Security Team WSO2, Inc.; http://wso2.com lean.enterprise.middleware Mobile : +94 (0) 719428123 <+94+(0)+719428123> Blog : http://www.ayomaonline.com LinkedIn: https://www.linkedin.com/in/ayoma
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
