Hello all,
I create a allMonit.html which have two iframe with src of two different
monit http interface running on two different system
allMonit.html structure
<iframe src = "http://firstserver:2812";></iframe>
<iframe src = "http://seconderver:2812";></iframe>
Now when i open allMonit.html in chrome , i see two monit interfaces. GREAT
Now if i try to let say "start a service" on one firstserver. I get invalid
CSRF.
Upon investigation i found that *without *iframe the http request contains
a cookiee header like
Cookie:
securitytoken=6265d84a17c2715c7252c84d88a479cf
Where as http request from iframe does not include cookie header.
Upon further study, i found that since monit http response does not contain
following header
Access-Control-Allow-Credentials: true
and hence browser will not transmit the cookie back to server.
Now the question arises:
*QUESTION: How to configure monit to add addition http header*
Thanks
*Bhuvan*
--
To unsubscribe:
https://lists.nongnu.org/mailman/listinfo/monit-general
