[MGNLSSO-28] Make sure Magnolia does CSRF, as pac4j CSRF is disabled Created: 08/May/20  Updated: 07/Jul/20  Resolved: 11/May/20

Status: Closed
Project: Single Sign On
Component/s: None
Affects Version/s: None
Fix Version/s: 1.0

Type: Task Priority: Neutral
Reporter: Maxime Michel Assignee: Unassigned
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Template:
Acceptance criteria:
Empty
Task DoR:
Empty
Epic Link: Magnolia SSO w/ pac4j

 Description   

I disabled pac4j CSRF during development as it was getting in my way. I believe Magnolia does CSRF, but it needs to be double-checked.



 Comments   
Comment by Maxime Michel [ 11/May/20 ]

Magnolia indeed does CSRF out of the box: https://documentation.magnolia-cms.com/display/DOCS62/Filters#Filters-CSRFsecurity

Generated at Mon Feb 12 10:50:25 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.