Issue/REST-410 check all mutative methods
David Black
Branch: issue/REST-410-block-remote-post-method-restriction
Branch: master
Merged
Merged pull request
Merged in issue/REST-410-block-remote-post-method-restriction (pull request #177)
Merged in issue/REST-410-block-remote-post-method-restriction (pull request #177)
REST-410: Block all mutative requests not just POST requests (instead of logging non-post but mutative requests) in OriginBasedXsrfResourceFilter.
Signed-off-by: David Black dblack@atlassian.com
REST-410: Add tests to cover non-simple requests coming with the same origin are not blocked by OriginBasedXsrfResourceFilter.
Signed-off-by: David Black dblack@atlassian.com