From e256f0cfef7e2b1f24b8728b2c62293cf4451cca Mon Sep 17 00:00:00 2001
From: Victor Saar <victor.saar@publicispixelpark.de>
Date: Wed, 4 Jan 2017 10:21:39 +0100
Subject: [PATCH] sirona - Allow form and CSRF protection requests

---
 customer/sirona-aem/test.yaml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/customer/sirona-aem/test.yaml b/customer/sirona-aem/test.yaml
index 446bff5a..0a73bef6 100644
--- a/customer/sirona-aem/test.yaml
+++ b/customer/sirona-aem/test.yaml
@@ -298,6 +298,8 @@ aem::dispatcher::publish_farm:
       - { type: 'allow', url: '/libs/cq/personalization/*' } # enable personalization
       - { type: 'allow', url: '/content/dam/api.json' } # enable generic asset JSON API
       - { type: 'allow', url: '*.assetlibrary.json' } # enable asset library JSON API
+      - { type: 'allow', method: 'post', url: '*.forms.html' } # enable forms
+      - { type: 'allow', url: '/libs/granite/csrf/token.json' } # enable CSRF token
       # Deny content grabbing
       - { type: 'deny', url: '*.infinity.json' }
       - { type: 'deny', url: '*.tidy.json'     }
-- 
2.39.5