[ https://issues.apache.org/jira/browse/AIRFLOW-836?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Alex Guziel updated AIRFLOW-836: -------------------------------- Description: These endpoints use GET and are state-changing which is bad practice, and allows CSRF (was: This endpoint uses GET and is state-changing which bad practice, and allows CSRF) > The paused endpoint is vulnerable to CSRF > ----------------------------------------- > > Key: AIRFLOW-836 > URL: https://issues.apache.org/jira/browse/AIRFLOW-836 > Project: Apache Airflow > Issue Type: Bug > Reporter: Alex Guziel > Assignee: Alex Guziel > > These endpoints use GET and are state-changing which is bad practice, and > allows CSRF -- This message was sent by Atlassian JIRA (v6.3.15#6346)