Alex Guziel created AIRFLOW-836:
-----------------------------------
Summary: The two endpoints /paused and queryview perform
state-changing action over HTTP GET
Key: AIRFLOW-836
URL: https://issues.apache.org/jira/browse/AIRFLOW-836
Project: Apache Airflow
Issue Type: Bug
Reporter: Alex Guziel
Assignee: Alex GuzielThese two endpoints change state and allow HTTP GET, allowing CSRF -- This message was sent by Atlassian JIRA (v6.3.15#6346)
