You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ambari.apache.org by "Denys Buzhor (JIRA)" <ji...@apache.org> on 2013/11/16 22:19:22 UTC
[jira] [Created] (AMBARI-3788) Perform E2E testing of Ambari with
api.csrfPrevention.enabled=true
Denys Buzhor created AMBARI-3788:
------------------------------------
Summary: Perform E2E testing of Ambari with api.csrfPrevention.enabled=true
Key: AMBARI-3788
URL: https://issues.apache.org/jira/browse/AMBARI-3788
Project: Ambari
Issue Type: Task
Components: client
Affects Versions: 1.4.2
Reporter: Denys Buzhor
Assignee: Denys Buzhor
Fix For: 1.4.2
Set *api.csrfPrevention.enabled=true* in *ambari.properties*, restart ambari server, and verify that Ambari Web works properly with that option on.
Before testing Ambari Web, make sure that the POST calls to the API does NOT work unless you pass the *X-Requested-By* option (to make sure that the CSRF filter is in effect).
--
This message was sent by Atlassian JIRA
(v6.1#6144)