From 0ccd63936b2205985558d512d2112ddadc3bb160 Mon Sep 17 00:00:00 2001 From: Rasika Perera Date: Mon, 23 Jan 2017 12:43:37 +0530 Subject: [PATCH] Updated OWSAP property file --- .../conf/security/Owasp.CsrfGuard.Carbon.properties | 1 + .../conf/security/Owasp.CsrfGuard.Carbon.properties | 5 +++++ 2 files changed, 6 insertions(+) diff --git a/modules/analytics/distribution/src/repository/conf/security/Owasp.CsrfGuard.Carbon.properties b/modules/analytics/distribution/src/repository/conf/security/Owasp.CsrfGuard.Carbon.properties index d3049ce3..3c112193 100644 --- a/modules/analytics/distribution/src/repository/conf/security/Owasp.CsrfGuard.Carbon.properties +++ b/modules/analytics/distribution/src/repository/conf/security/Owasp.CsrfGuard.Carbon.properties @@ -457,3 +457,4 @@ org.owasp.csrfguard.unprotected.passivests=%servletContext%/acs/* org.owasp.csrfguard.unprotected.deviceMgtSSOAcs=%servletContext%/devicemgt/uuf/sso/acs org.owasp.csrfguard.unprotected.deviceMgtAcs=%servletContext%/uuf/sso/acs org.owasp.csrfguard.unprotected.deviceMgtApi=%servletContext%/devicemgt/api/* +org.owasp.csrfguard.unprotected.portalApis=%/portal/apis/* \ No newline at end of file diff --git a/modules/core/distribution/src/repository/conf/security/Owasp.CsrfGuard.Carbon.properties b/modules/core/distribution/src/repository/conf/security/Owasp.CsrfGuard.Carbon.properties index f6daa5c3..62cb1c57 100644 --- a/modules/core/distribution/src/repository/conf/security/Owasp.CsrfGuard.Carbon.properties +++ b/modules/core/distribution/src/repository/conf/security/Owasp.CsrfGuard.Carbon.properties @@ -466,11 +466,16 @@ org.owasp.csrfguard.unprotected.deviceMgtAcs=%servletContext%/uuf/sso/acs org.owasp.csrfguard.unprotected.deviceMgtApi=%servletContext%/devicemgt/api/* org.owasp.csrfguard.unprotected.storeEventPublisher=%servletContext%/store/apis/eventpublish/* org.owasp.csrfguard.unprotected.publisherAcs=%servletContext%/publisher/acs +org.owasp.csrfguard.unprotected.publisherApi=%servletContext%/publisher/api org.owasp.csrfguard.unprotected.storeAcs=%servletContext%/store/acs org.owasp.csrfguard.unprotected.apiStoreAcs=%servletContext%/api-store/acs +org.owasp.csrfguard.unprotected.apiStoreApis=%servletContext%/api-store/apis org.owasp.csrfguard.unprotected.portalAcs=%servletContext%/portal/acs +org.owasp.csrfguard.unprotected.portalApis=%servletContext%/portal/apis org.owasp.csrfguard.unprotected.socialAcs=%servletContext%/social/acs +org.owasp.csrfguard.unprotected.socialApis=%servletContext%/social/apis org.owasp.csrfguard.unprotected.appStoreDevices=%servletContext%/store/apps/devices/* +org.owasp.csrfguard.unprotected.appStoreApis=%servletContext%/store/apis/* #carbon