csrf.domain.white.list

• Module: cmas-restapi-core
• Description: The list of domains (format protocol://domain:port, separated with “|”) which are allowed in Origin/Referer headers and will not be blocked by the CSRF filter. By default, the property is empty so that cross-site requests are blocked.
• Type: string
• Restart required: no
• System: yes
• Optional: yes
• Example value: https://example.com:80 | http://www.consol.de:8080
• Since: 6.11.2.2