File tree 1 file changed +7
-2
lines changed 1 file changed +7
-2
lines changed Original file line number Diff line number Diff line change @@ -23,12 +23,17 @@ func CSRF(secureCookie bool) func(next http.Handler) http.Handler {
2323 // All GET requests are exempt by default.
2424 mw .ExemptPath ("/api/v2/csp/reports" )
2525
26- // Top level agent routes.
27- mw .ExemptRegexp (regexp .MustCompile ("api/v2/workspaceagents/[^/]*$" ))
2826 // Agent authenticated routes
2927 mw .ExemptRegexp (regexp .MustCompile ("api/v2/workspaceagents/me/*" ))
28+ mw .ExemptRegexp (regexp .MustCompile ("api/v2/workspaceagents/*" ))
29+ // Workspace Proxy routes
30+ mw .ExemptRegexp (regexp .MustCompile ("api/v2/workspaceproxies/me/*" ))
3031 // Derp routes
3132 mw .ExemptRegexp (regexp .MustCompile ("derp/*" ))
33+ // Scim
34+ mw .ExemptRegexp (regexp .MustCompile ("api/v2/scim/*" ))
35+ // Provisioner daemon routes
36+ mw .ExemptRegexp (regexp .MustCompile ("/organizations/[^/]+/provisionerdaemons/*" ))
3237
3338 mw .ExemptFunc (func (r * http.Request ) bool {
3439 // CSRF only affects requests that automatically attach credentials via a cookie.
You can’t perform that action at this time.
0 commit comments