You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ambari.apache.org by "Yusaku Sako (JIRA)" <ji...@apache.org> on 2014/01/17 21:41:20 UTC

[jira] [Created] (AMBARI-4338) Porper error message required for CSRF protection error

Yusaku Sako created AMBARI-4338:
-----------------------------------

             Summary: Porper error message required for CSRF protection error
                 Key: AMBARI-4338
                 URL: https://issues.apache.org/jira/browse/AMBARI-4338
             Project: Ambari
          Issue Type: Task
            Reporter: Yusaku Sako


Ambari Server requires non-GET calls to be made with the "X-Requested-By" HTTP header.
When a request made without the header (and CSRF option is turned on, which is the default), it fails with error code 400 without any useful message.
The error message should clearly indicate that CSRF is turned on and that X-Requested-By HTTP header is required.



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)