diff --git a/modules/analytics/distribution/src/repository/conf/security/Owasp.CsrfGuard.Carbon.properties b/modules/analytics/distribution/src/repository/conf/security/Owasp.CsrfGuard.Carbon.properties index 2b5a7b42..bf41e0ee 100644 --- a/modules/analytics/distribution/src/repository/conf/security/Owasp.CsrfGuard.Carbon.properties +++ b/modules/analytics/distribution/src/repository/conf/security/Owasp.CsrfGuard.Carbon.properties @@ -454,3 +454,6 @@ org.owasp.csrfguard.unprotected.JsApi=%servletContext%/portal/apis/analytics/* org.owasp.csrfguard.unprotected.Servlet=%servletContext%/analytics-api/* org.owasp.csrfguard.unprotected.ml=%servletContext%/api/login* org.owasp.csrfguard.unprotected.passivests=%servletContext%/acs/* +org.owasp.csrfguard.unprotected.deviceMgtSSOAcs=%servletContext%/devicemgt/uuf/sso/acs +org.owasp.csrfguard.unprotected.deviceMgtAcs=%servletContext%/uuf/sso/acs +org.owasp.csrfguard.unprotected.deviceMgtApi=%servletContext%/devicemgt/api/invoker/execute/* diff --git a/modules/core/distribution/src/repository/conf/security/Owasp.CsrfGuard.Carbon.properties b/modules/core/distribution/src/repository/conf/security/Owasp.CsrfGuard.Carbon.properties index 1dc9d20e..bf300027 100644 --- a/modules/core/distribution/src/repository/conf/security/Owasp.CsrfGuard.Carbon.properties +++ b/modules/core/distribution/src/repository/conf/security/Owasp.CsrfGuard.Carbon.properties @@ -462,11 +462,14 @@ org.owasp.csrfguard.unprotected.storeRestApi=%servletContext%/api/appm/store/* org.owasp.csrfguard.unprotected.certificateMgtRestApi=%servletContext%/api/certificate-mgt/* org.owasp.csrfguard.unprotected.deviceMgtRestApi=%servletContext%/api/device-mgt/* org.owasp.csrfguard.unprotected.dcrRestApi=%servletContext%/dynamic-client-web/* - +org.owasp.csrfguard.unprotected.deviceMgtSSOAcs=%servletContext%/devicemgt/uuf/sso/acs +org.owasp.csrfguard.unprotected.deviceMgtAcs=%servletContext%/uuf/sso/acs +org.owasp.csrfguard.unprotected.deviceMgtApi=%servletContext%/devicemgt/api/invoker/execute/* + #carbon org.owasp.csrfguard.unprotected.Services=%servletContext%/services/* #identity org.owasp.csrfguard.unprotected.acs=%servletContext%/acs/* org.owasp.csrfguard.unprotected.iwa=%servletContext%/iwa/* -org.owasp.csrfguard.unprotected.oauthiwa=%servletContext%/commonauth/iwa/* \ No newline at end of file +org.owasp.csrfguard.unprotected.oauthiwa=%servletContext%/commonauth/iwa/*