Closed BrennanPaciorek closed 1 month ago
Issues
0 New issues
0 Accepted issues
Measures
0 Security Hotspots
88.0% Coverage on New Code
0.0% Duplication on New Code
This PR will most likely be closed, since enforcing csrf makes little sense on JWTAuthentication, which does not use cookies on its own at any point during the authentication process.
Impement enforce_csrf for JWT authenticatior, enabling django CsrfMiddleware. This fixes disabled CSRF protections on sites that use jwt_consumer for authentication.
AAP-20597