Hi Megala and All, Seems we are packing *Owasp.CsrfGuard.Carbon.properties* property file here [1] while generating analytics distribution.
Hence we need to skip blocked URIs if it doesn't meant to send back the CSRF token requested by CSRF guard. WDYT? Thanks, Rasika [1] https://github.com/wso2/product-iots/blob/0ccd63936b2205985558d512d2112ddadc3bb160/modules/analytics/distribution/src/repository/conf/security/Owasp.CsrfGuard.Carbon.properties On Mon, Mar 13, 2017 at 9:33 AM, Megala Uthayakumar <[email protected]> wrote: > +Dev > > On Mon, Mar 13, 2017 at 9:32 AM, Megala Uthayakumar <[email protected]> > wrote: > >> Hi Analytics team, >> >> While trying to do a simulation in UI with IoT server, we got bad request >> error in front-end and also when trying to configure the simulation file in >> UI, we get a bad request error as well. These POST requests are blocked by >> csrf prevention logic. I have created a git issue for this[1]. Can we get >> this fixed for our IoT 3.1.0 release? >> >> [1] https://github.com/wso2/product-iots/issues/315 >> >> Thanks. >> >> Regards, >> Megala >> -- >> Megala Uthayakumar >> >> Software Engineer >> Mobile : 0779967122 >> > > > > -- > Megala Uthayakumar > > Software Engineer > Mobile : 0779967122 > -- With Regards, *Rasika Perera* Software Engineer LinkedIn: http://lk.linkedin.com/in/rasika90 <http://wso2.com/signature> WSO2 Inc. www.wso2.com lean.enterprise.middleware
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
