WebSockets and CsrfPreventionRequestCycleListener

Hello All, just have tried to add CsrfPreventionRequestCycleListener to our application everything seems to work except for Websockets :( Now I'm getting [INFO] [http-nio-0.0.0.0-5080-exec-9] org.apache.wicket.protocol.http.CsrfPreventionRequestCycleListener - Possible CSRF attack, request URL:

Re: header item uniqueness

Hi Boris, sorry, I've got distracted by other things: real life :P This is a bug, so I'll apply my fix to Wicket 7 too - I have to make the aggregator aware of the headers' render tokens. Regards Sven On 10.05.2017 22:32, Boris Goldowsky wrote: Sven, do you expect your fix for this to get

Re: header item uniqueness

Sven, do you expect your fix for this to get into the next point release of Wicket 7, or will it only be in Wicket 8? Just trying to determine if I need to build a work-around or if I can wait for an official fix. Thanks! Boris On 4/25/17, 9:07 PM, "Boris Goldowsky"