cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

Planned removal of ability to update request method

Regular Member

Planned removal of ability to update request method

Hi all,

 

Following up on something that we noted in our documentation a while back, we are planning to deprecate the ability to update the request method via the Allow Request Method Switch in the Platform Subsystem.

 

Although this setting is the disabled by default in ThingWorx, and leaving it off is strongly recommended to prevent cross-site request forgery (CSRF) attacks, it is still possible to enable it. We allowed for this option because of concerns about backwards compatibility, but now that several major versions have passed we are planning to make the default setting mandatory in a future release of ThingWorx (likely by the end of calendar year 2021). Removing the ability to Allow Request Method Switch will further enhance the security of the ThingWorx platform.

 

Please see the relevant portion of the Help Center for details, and chime in on this post of you have any concerns.

 

Best,


Walter Haydock

ThingWorx Product Management

Announcements

Thingworx Navigate content has a new home! Click here to access the new Thingworx Navigate forum!