New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
New HTTP package has no XSRF support #18100
Labels
area: common/http
feature
Issue that requests a new feature
security
Issues that generally impact framework or application security
Comments
mprobst
added
regression
Indicates than the issue relates to something that worked in a previous version
area: common/http
labels
Jul 13, 2017
IgorMinar
added
security
Issues that generally impact framework or application security
feature
Issue that requests a new feature
and removed
regression
Indicates than the issue relates to something that worked in a previous version
labels
Jul 13, 2017
alxhub
added a commit
to alxhub/angular
that referenced
this issue
Jul 13, 2017
alxhub
added a commit
to alxhub/angular
that referenced
this issue
Jul 13, 2017
alxhub
added a commit
to alxhub/angular
that referenced
this issue
Jul 13, 2017
asnowwolf
pushed a commit
to asnowwolf/angular
that referenced
this issue
Aug 11, 2017
juleskremer
pushed a commit
to juleskremer/angular
that referenced
this issue
Aug 26, 2017
juleskremer
pushed a commit
to juleskremer/angular
that referenced
this issue
Aug 28, 2017
This issue has been automatically locked due to inactivity. Read more about our automatic conversation locking policy. This action has been performed automatically by a bot. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Labels
area: common/http
feature
Issue that requests a new feature
security
Issues that generally impact framework or application security
The new
common/http
package does not support XSRF out of the box.Current behavior
Doesn't handle XSRF out of the box :-(
Expected behavior
Like the previous package - when the server sets a cookie called
XSRF-TOKEN
, the client should send back anX-XSRF-TOKEN
header with its value on every request.The text was updated successfully, but these errors were encountered: