Skip to content
Snippets Groups Projects
Commit 64b89964 authored by Daniel Gerhardt's avatar Daniel Gerhardt
Browse files

Require POST method for '/checkframeoptionsheader'

This disables CORS for this path. It should not be usable by external
websites.
parent 45b407f4
No related merge requests found
...@@ -63,7 +63,7 @@ public class WelcomeController extends AbstractController { ...@@ -63,7 +63,7 @@ public class WelcomeController extends AbstractController {
return new HashMap<String, Object>(); return new HashMap<String, Object>();
} }
@RequestMapping(value = "/checkframeoptionsheader", method = RequestMethod.GET) @RequestMapping(value = "/checkframeoptionsheader", method = RequestMethod.POST)
@ResponseStatus(HttpStatus.OK) @ResponseStatus(HttpStatus.OK)
public void checkFrameOptionsHeader( public void checkFrameOptionsHeader(
@RequestParam(required = true) final String url, @RequestParam(required = true) final String url,
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment