Description of changes:
This PR adds an environment variable to allow disabling CSRF. CSRF will be enabled by default unless MWAA__WEBSERVER__WTF_CSRF_ENABLED is explicitly set to False.
I verified the changes by running the container locally with the environment variable set to False, True, and not setting it at all. In the first case, I was able to get the response from http://localhost:8080/dag_stats, and in the latter two cases, I received the 400 The CSRF token is missing error.
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.
Issue #, if available: https://github.com/aws/amazon-mwaa-docker-images/issues/86
Description of changes: This PR adds an environment variable to allow disabling CSRF. CSRF will be enabled by default unless
MWAA__WEBSERVER__WTF_CSRF_ENABLEDis explicitly set toFalse.I verified the changes by running the container locally with the environment variable set to
False,True, and not setting it at all. In the first case, I was able to get the response fromhttp://localhost:8080/dag_stats, and in the latter two cases, I received the 400The CSRF token is missingerror.By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.