nifi/src at f3136f07ebd3609cda715056d72f19fa7bc9e706 - nifi

History

exceptionfactory e16a6c2b89 NIFI-9241 Refactored CSRF mitigation using random Request-Token - Replaced use of Authorization header with custom Request-Token header for CSRF mitigation - Added Request-Token cookie for CSRF mitigation - Replaced session storage of JWT with expiration in seconds - Removed and disabled CORS configuration - Disabled HTTP OPTIONS method - Refactored HTTP Proxy URI construction using RequestUriBuilder Signed-off-by: Nathan Gough <thenatog@gmail.com> This closes #5417.	2021-09-30 20:36:15 -04:00
..
main/java/org/apache/nifi/web	NIFI-9241 Refactored CSRF mitigation using random Request-Token	2021-09-30 20:36:15 -04:00
test/groovy/org/apache/nifi/web	NIFI-9241 Refactored CSRF mitigation using random Request-Token	2021-09-30 20:36:15 -04:00

exceptionfactory e16a6c2b89 NIFI-9241 Refactored CSRF mitigation using random Request-Token

- Replaced use of Authorization header with custom Request-Token header for CSRF mitigation
- Added Request-Token cookie for CSRF mitigation
- Replaced session storage of JWT with expiration in seconds
- Removed and disabled CORS configuration
- Disabled HTTP OPTIONS method
- Refactored HTTP Proxy URI construction using RequestUriBuilder

Signed-off-by: Nathan Gough <thenatog@gmail.com>

This closes #5417.

2021-09-30 20:36:15 -04:00

main/java/org/apache/nifi/web

NIFI-9241 Refactored CSRF mitigation using random Request-Token

2021-09-30 20:36:15 -04:00

test/groovy/org/apache/nifi/web

NIFI-9241 Refactored CSRF mitigation using random Request-Token

2021-09-30 20:36:15 -04:00