Hello All,
just have tried to add CsrfPreventionRequestCycleListener to our application
everything seems to work except for Websockets :(
Now I'm getting
[INFO] [http-nio-0.0.0.0-5080-exec-9]
org.apache.wicket.protocol.http.CsrfPreventionRequestCycleListener -
Possible CSRF attack, request URL:
Hi Boris,
sorry, I've got distracted by other things: real life :P
This is a bug, so I'll apply my fix to Wicket 7 too - I have to make the
aggregator aware of the headers' render tokens.
Regards
Sven
On 10.05.2017 22:32, Boris Goldowsky wrote:
Sven, do you expect your fix for this to get
Sven, do you expect your fix for this to get into the next point release of
Wicket 7, or will it only be in Wicket 8?
Just trying to determine if I need to build a work-around or if I can wait for
an official fix.
Thanks!
Boris
On 4/25/17, 9:07 PM, "Boris Goldowsky" wrote:
Thank you!