SuiteCRM/SuiteCRM-Core
2
0
Fork 0
mirror of https://github.com/SuiteCRM/SuiteCRM-Core.git synced 2025-09-04 10:14:13 +08:00
Code Issues Projects Packages Activity Actions

Enable CSRF token validation on api requests

Browse source 
- Do no check csrf token on get requests.
-- Angular does not send token on get or header requests
This commit is contained in:
Clemente Raposo 2022-06-17 12:37:30 +01:00
parent 2a9fbb534f
commit 96803a827c
3 changed files with 6 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

2
config/core_services.yaml
View file

@ -163,7 +163,7 @@ services:
App\Security\CSRFValidationListener:
tags: [ { name: kernel.event_listener, event: kernel.request, method: onKernelRequest, priority: 12 } ]
arguments:
$routes: [ ]
$routes: [ '/api' ]
$headerName: 'X-XSRF-TOKEN'
App\Engine\Service\FolderSync\FolderComparator: