Simon Elliston Ball created METRON-1688:
-------------------------------------------
Summary: Pass through of CSRF protection for proxied api calls
Key: METRON-1688
URL: https://issues.apache.org/jira/browse/METRON-1688
Project: Metron
Issue Type: Sub-task
Reporter: Simon Elliston Ball
With the UIs hosted through a proxy, and the potential for multiple backends,
ownership of CSRF protection headers is unclear, and also impossible to pass
through due to conflicts.
We should use the front-end host to protect and proxy the CSRF protection to
allow the backend to be picky about its level of CSRF protection.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
