[jira] [Resolved] (NIFI-8510) CSRF filter blocking requests that contain unrelated cookies

David Handermann (Jira) Mon, 03 May 2021 11:32:07 -0700


     [ 
https://issues.apache.org/jira/browse/NIFI-8510?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


David Handermann resolved NIFI-8510.
------------------------------------
    Resolution: Fixed

> CSRF filter blocking requests that contain unrelated cookies
> ------------------------------------------------------------
>
>                 Key: NIFI-8510
>                 URL: https://issues.apache.org/jira/browse/NIFI-8510
>             Project: Apache NiFi
>          Issue Type: Bug
>          Components: Security
>    Affects Versions: 1.14.0
>            Reporter: Nathan Gough
>            Assignee: Nathan Gough
>            Priority: Major
>             Fix For: 1.14.0
>
>          Time Spent: 20m
>  Remaining Estimate: 0h
>
> The CSRF filter added in NIFI-7870 is blocking requests if ANY cookie is 
> present in a request to NiFi and the NiFI CSRF cookie is not present. This 
> caused a 403 for requests over http on localhost.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Resolved] (NIFI-8510) CSRF filter blocking requests that contain unrelated cookies

Reply via email to