Details
-
Improvement
-
Resolution: Unresolved
-
High
-
None
-
None
-
None
Description
As reported by edi.modric in EZP-25482, the csrf token feature can be disabled in symfony, but the Javascript REST client used by Platform UI doesn't support that.
The client could be improved to work without a csrf token.
open questions
What are the use-cases for this ? It does make sense that the system works with customized values of common symfony settings, but having actual use-cases would help with prioritization.
Attachments
Issue Links
- relates to
-
EZP-25482 Exception when CSRF token protection is disabled
- Backlog