Apache
/
nifi
mirror of https://github.com/apache/nifi.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

NIFI-10196 Corrected Jolt UI CSRF Header Handling 

Signed-off-by: Matthew Burgess <mattyb149@apache.org>

This closes #6198
This commit is contained in:
exceptionfactory 2022-07-11 21:53:07 -05:00 committed by Matthew Burgess
parent 4c0555a476
commit 0dea0ae364
No known key found for this signature in database
GPG Key ID: 05D3DEB8126DAD24
1 changed files with 3 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
nifi-nar-bundles/nifi-standard-bundle/nifi-jolt-transform-json-ui/src/main/webapp/app/app.js
View File

@ -19,11 +19,9 @@
var AppRun = function($rootScope,$state,$http){
// Get the Request Token for CSRF mitigation and send on all requests
if (nf.AuthorizationStorage.hasToken()) {
var token = nf.AuthorizationStorage.getRequestToken();
$http.defaults.headers.common['Request-Token'] = token;
}
// Set CSRF Cookie and Header names to match Spring Security configuration in StandardCookieCsrfTokenRepository
$http.defaults.xsrfCookieName = '__Secure-Request-Token';
$http.defaults.xsrfHeaderName = 'Request-Token';
$rootScope.$on('$stateChangeError', function(event, toState, toParams, fromState, fromParams, error){
event.preventDefault();