sirona-aem - Enable CSRF support on production SIRONAADFR-1017

diff --git a/customer/sirona-aem/production.yaml b/customer/sirona-aem/production.yaml
index 880397b7f0a135bf80c386a2cc64fd037ee73db4..d93871cc927ec1570987e60b931d1dcece40eae0 100644 (file)
--- a/customer/sirona-aem/production.yaml
+++ b/customer/sirona-aem/production.yaml
@@ -965,6 +965,8 @@ aem::dispatcher::publish_farm:
       - { type: 'allow', url: '/libs/cq/personalization/*' } # enable personalization
       - { type: 'allow', url: '/content/dam/api.json' } # enable generic asset JSON API
       - { type: 'allow', url: '*.assetlibrary.json' } # enable asset library JSON API
+      - { type: 'allow', method: 'post', url: '*.forms.html' } # enable forms
+      - { type: 'allow', url: '/libs/granite/csrf/token.json' } # enable CSRF token
       # Security Rules
       - { type: 'deny', url: '/etc/'  }
       - { type: 'deny', url: '/libs/'  }
@@ -1044,6 +1046,8 @@ aem::dispatcher::publish_farm:
       - { type: 'allow', url: '/libs/cq/personalization/*' } # enable personalization
       - { type: 'allow', url: '/content/dam/api.json' } # enable generic asset JSON API
       - { type: 'allow', url: '*.assetlibrary.json' } # enable asset library JSON API
+      - { type: 'allow', method: 'post', url: '*.forms.html' } # enable forms
+      - { type: 'allow', url: '/libs/granite/csrf/token.json' } # enable CSRF token
       # Security Rules
       - { type: 'deny', url: '/etc/'  }
       - { type: 'deny', url: '/libs/'  }
@@ -1122,6 +1126,8 @@ aem::dispatcher::publish_farm:
       - { type: 'allow', url: '/libs/cq/personalization/*' } # enable personalization
       - { type: 'allow', url: '/content/dam/api.json' } # enable generic asset JSON API
       - { type: 'allow', url: '*.assetlibrary.json' } # enable asset library JSON API
+      - { type: 'allow', method: 'post', url: '*.forms.html' } # enable forms
+      - { type: 'allow', url: '/libs/granite/csrf/token.json' } # enable CSRF token
       # Security Rules
       - { type: 'deny', url: '/etc/'  }
       - { type: 'deny', url: '/libs/'  }
@@ -1200,6 +1206,8 @@ aem::dispatcher::publish_farm:
       - { type: 'allow', url: '/libs/cq/personalization/*' } # enable personalization
       - { type: 'allow', url: '/content/dam/api.json' } # enable generic asset JSON API
       - { type: 'allow', url: '*.assetlibrary.json' } # enable asset library JSON API
+      - { type: 'allow', method: 'post', url: '*.forms.html' } # enable forms
+      - { type: 'allow', url: '/libs/granite/csrf/token.json' } # enable CSRF token
       # Security Rules
       - { type: 'deny', url: '/etc/'  }
       - { type: 'deny', url: '/libs/'  }
@@ -1279,6 +1287,8 @@ aem::dispatcher::publish_farm:
       - { type: 'allow', url: '/libs/cq/personalization/*' } # enable personalization
       - { type: 'allow', url: '/content/dam/api.json' } # enable generic asset JSON API
       - { type: 'allow', url: '*.assetlibrary.json' } # enable asset library JSON API
+      - { type: 'allow', method: 'post', url: '*.forms.html' } # enable forms
+      - { type: 'allow', url: '/libs/granite/csrf/token.json' } # enable CSRF token
       # Security Rules
       - { type: 'deny', url: '/etc/'  }
       - { type: 'deny', url: '/libs/'  }
@@ -1358,6 +1368,8 @@ aem::dispatcher::publish_farm:
       - { type: 'allow', url: '/libs/cq/personalization/*' } # enable personalization
       - { type: 'allow', url: '/content/dam/api.json' } # enable generic asset JSON API
       - { type: 'allow', url: '*.assetlibrary.json' } # enable asset library JSON API
+      - { type: 'allow', method: 'post', url: '*.forms.html' } # enable forms
+      - { type: 'allow', url: '/libs/granite/csrf/token.json' } # enable CSRF token
       # Security Rules
       - { type: 'deny', url: '/etc/'  }
       - { type: 'deny', url: '/libs/'  }
@@ -1436,6 +1448,8 @@ aem::dispatcher::publish_farm:
       - { type: 'allow', url: '/libs/cq/personalization/*' } # enable personalization
       - { type: 'allow', url: '/content/dam/api.json' } # enable generic asset JSON API
       - { type: 'allow', url: '*.assetlibrary.json' } # enable asset library JSON API
+      - { type: 'allow', method: 'post', url: '*.forms.html' } # enable forms
+      - { type: 'allow', url: '/libs/granite/csrf/token.json' } # enable CSRF token
       # Security Rules
       - { type: 'deny', url: '/etc/'  }
       - { type: 'deny', url: '/libs/'  }
@@ -1515,6 +1529,8 @@ aem::dispatcher::publish_farm:
       - { type: 'allow', url: '/libs/cq/personalization/*' } # enable personalization
       - { type: 'allow', url: '/content/dam/api.json' } # enable generic asset JSON API
       - { type: 'allow', url: '*.assetlibrary.json' } # enable asset library JSON API
+      - { type: 'allow', method: 'post', url: '*.forms.html' } # enable forms
+      - { type: 'allow', url: '/libs/granite/csrf/token.json' } # enable CSRF token
       # Security Rules
       - { type: 'deny', url: '/etc/'  }
       - { type: 'deny', url: '/libs/'  }
@@ -1593,6 +1609,8 @@ aem::dispatcher::publish_farm:
       - { type: 'allow', url: '/libs/cq/personalization/*' } # enable personalization
       - { type: 'allow', url: '/content/dam/api.json' } # enable generic asset JSON API
       - { type: 'allow', url: '*.assetlibrary.json' } # enable asset library JSON API
+      - { type: 'allow', method: 'post', url: '*.forms.html' } # enable forms
+      - { type: 'allow', url: '/libs/granite/csrf/token.json' } # enable CSRF token
       # Security Rules
       - { type: 'deny', url: '/etc/'  }
       - { type: 'deny', url: '/libs/'  }
@@ -1671,6 +1689,8 @@ aem::dispatcher::publish_farm:
       - { type: 'allow', url: '/libs/cq/personalization/*' } # enable personalization
       - { type: 'allow', url: '/content/dam/api.json' } # enable generic asset JSON API
       - { type: 'allow', url: '*.assetlibrary.json' } # enable asset library JSON API
+      - { type: 'allow', method: 'post', url: '*.forms.html' } # enable forms
+      - { type: 'allow', url: '/libs/granite/csrf/token.json' } # enable CSRF token
       # Security Rules
       - { type: 'deny', url: '/etc/'  }
       - { type: 'deny', url: '/libs/'  }
@@ -1750,6 +1770,8 @@ aem::dispatcher::publish_farm:
       - { type: 'allow', url: '/libs/cq/personalization/*' } # enable personalization
       - { type: 'allow', url: '/content/dam/api.json' } # enable generic asset JSON API
       - { type: 'allow', url: '*.assetlibrary.json' } # enable asset library JSON API
+      - { type: 'allow', method: 'post', url: '*.forms.html' } # enable forms
+      - { type: 'allow', url: '/libs/granite/csrf/token.json' } # enable CSRF token
       # Security Rules
       - { type: 'deny', url: '/etc/'  }
       - { type: 'deny', url: '/libs/'  }
@@ -1829,6 +1851,8 @@ aem::dispatcher::publish_farm:
       - { type: 'allow', url: '/libs/cq/personalization/*' } # enable personalization
       - { type: 'allow', url: '/content/dam/api.json' } # enable generic asset JSON API
       - { type: 'allow', url: '*.assetlibrary.json' } # enable asset library JSON API
+      - { type: 'allow', method: 'post', url: '*.forms.html' } # enable forms
+      - { type: 'allow', url: '/libs/granite/csrf/token.json' } # enable CSRF token
       # Security Rules
       - { type: 'deny', url: '/etc/'  }
       - { type: 'deny', url: '/libs/'  }
@@ -1908,6 +1932,8 @@ aem::dispatcher::publish_farm:
       - { type: 'allow', url: '/libs/cq/personalization/*' } # enable personalization
       - { type: 'allow', url: '/content/dam/api.json' } # enable generic asset JSON API
       - { type: 'allow', url: '*.assetlibrary.json' } # enable asset library JSON API
+      - { type: 'allow', method: 'post', url: '*.forms.html' } # enable forms
+      - { type: 'allow', url: '/libs/granite/csrf/token.json' } # enable CSRF token
       # Security Rules
       - { type: 'deny', url: '/etc/'  }
       - { type: 'deny', url: '/libs/'  }
@@ -1987,6 +2013,8 @@ aem::dispatcher::publish_farm:
       - { type: 'allow', url: '/libs/cq/personalization/*' } # enable personalization
       - { type: 'allow', url: '/content/dam/api.json' } # enable generic asset JSON API
       - { type: 'allow', url: '*.assetlibrary.json' } # enable asset library JSON API
+      - { type: 'allow', method: 'post', url: '*.forms.html' } # enable forms
+      - { type: 'allow', url: '/libs/granite/csrf/token.json' } # enable CSRF token
       # Security Rules
       - { type: 'deny', url: '/etc/'  }
       - { type: 'deny', url: '/libs/'  }
@@ -2069,6 +2097,8 @@ aem::dispatcher::publish_farm:
       - { type: 'allow', url: '/content/dam/api.json' } # enable generic asset JSON API
       - { type: 'allow', url: '/api.json' } # Unique fuer Assets Domain
       - { type: 'allow', url: '*.assetlibrary.json' } # enable asset library JSON API
+      - { type: 'allow', method: 'post', url: '*.forms.html' } # enable forms
+      - { type: 'allow', url: '/libs/granite/csrf/token.json' } # enable CSRF token
       # Security Rules
       - { type: 'deny', url: '/etc/'  }
       - { type: 'deny', url: '/libs/'  }