Opetushallitus / koto-rekisteri

fix: db-scheduler-ui run/rerun triggers #421

Open wolverian opened 2 days ago

wolverian commented 2 days ago

These calls are CSRF protected, so we need to add our CSRF token to the AJAX calls db-scheduler-ui makes. The only way to do this is to put the CSRF token in a cookie (instead of the default HTTP Session storage) and load it from the cookie on the server.

Spring's CSRF tokens are kind of hard-wired to be loaded from a separate request header or query parameter (which are exactly the things that would require modifying db-scheduler-ui), so we override it with our own CookieCsrfRequestHandler which loads it from the XSRF-TOKEN cookie.
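
A sketch of a cookie-reading handler for the setup described above, as an added example that is not the PR's CookieCsrfRequestHandler. When the expected token is stored in the XSRF-TOKEN cookie and the submitted token is read from that same cookie, the two always match, so this version accepts the cookie only when the request's Origin header equals a configured origin. The class name, the `allowedOrigin` parameter and the wiring shown in the last comment are assumptions.

```java
import jakarta.servlet.http.Cookie;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.util.function.Supplier;
import org.springframework.security.web.csrf.CsrfToken;
import org.springframework.security.web.csrf.CsrfTokenRequestAttributeHandler;
import org.springframework.security.web.csrf.CsrfTokenRequestHandler;
import org.springframework.web.util.WebUtils;

// Hypothetical handler (added example), not the class from this pull request.
public final class OriginCheckedCookieCsrfRequestHandler implements CsrfTokenRequestHandler {
    private static final String COOKIE_NAME = "XSRF-TOKEN";

    // Plain (non-XOR) handler: exposes the token as a request attribute and
    // resolves it from the standard header or request parameter.
    private final CsrfTokenRequestAttributeHandler delegate = new CsrfTokenRequestAttributeHandler();
    private final String allowedOrigin; // assumption: the application's own origin

    public OriginCheckedCookieCsrfRequestHandler(String allowedOrigin) {
        this.allowedOrigin = allowedOrigin;
    }

    @Override
    public void handle(HttpServletRequest request, HttpServletResponse response,
                       Supplier<CsrfToken> csrfToken) {
        delegate.handle(request, response, csrfToken);
    }

    @Override
    public String resolveCsrfTokenValue(HttpServletRequest request, CsrfToken csrfToken) {
        // 1. Clients that can send the header or parameter keep the normal check.
        String submitted = delegate.resolveCsrfTokenValue(request, csrfToken);
        if (submitted != null) {
            return submitted;
        }
        // 2. Cookie fallback: the browser attaches the cookie by itself, so its
        //    presence proves nothing. Require a matching Origin header first.
        if (!allowedOrigin.equals(request.getHeader("Origin"))) {
            return null; // CsrfFilter treats a null token as a mismatch and denies
        }
        Cookie cookie = WebUtils.getCookie(request, COOKIE_NAME);
        return cookie != null ? cookie.getValue() : null;
    }
}

// Wiring (assumed): the cookie can stay HttpOnly because no script reads it.
// http.csrf(c -> c.csrfTokenRepository(new CookieCsrfTokenRepository())
//     .csrfTokenRequestHandler(new OriginCheckedCookieCsrfRequestHandler("https://app.example.invalid")));
```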

saku-koodari commented 2 days ago

Once this works: triggerYkiImportSuoritukset has been generated with open-api, and this practically makes it redundant. It could be removed in the same or a later commit/pull request.

https://github.com/Opetushallitus/koto-rekisteri/blob/main/server/src/main/resources/static/open-api.yaml#L52-L76