Simon Elliston Ball created METRON-1688: -------------------------------------------
Summary: Pass through of CSRF protection for proxied api calls Key: METRON-1688 URL: https://issues.apache.org/jira/browse/METRON-1688 Project: Metron Issue Type: Sub-task Reporter: Simon Elliston Ball With the UIs hosted through a proxy, and the potential for multiple backends, ownership of CSRF protection headers is unclear, and also impossible to pass through due to conflicts. We should use the front-end host to protect and proxy the CSRF protection to allow the backend to be picky about its level of CSRF protection. -- This message was sent by Atlassian JIRA (v7.6.3#76005)