sirona - Allow form and CSRF protection requests

diff --git a/customer/sirona-aem/test.yaml b/customer/sirona-aem/test.yaml
index 446bff5a24528b3da423ad7e8c14e6d26912ce9c..0a73bef670bfaeeff0bc6db05fbda3dbf5a0b7b6 100644 (file)
--- a/customer/sirona-aem/test.yaml
+++ b/customer/sirona-aem/test.yaml
@@ -298,6 +298,8 @@ aem::dispatcher::publish_farm:
       - { type: 'allow', url: '/libs/cq/personalization/*' } # enable personalization
       - { type: 'allow', url: '/content/dam/api.json' } # enable generic asset JSON API
       - { type: 'allow', url: '*.assetlibrary.json' } # enable asset library JSON API
+      - { type: 'allow', method: 'post', url: '*.forms.html' } # enable forms
+      - { type: 'allow', url: '/libs/granite/csrf/token.json' } # enable CSRF token
       # Deny content grabbing
       - { type: 'deny', url: '*.infinity.json' }
       - { type: 'deny', url: '*.tidy.json'     }