I was recently migrated to play 2.6, and im getting 403 responses when calling my api from postman that have something to do with filters.
at first when I run my service I got this error
[warn] 13:40:58.654 - play.filters.hosts.AllowedHostsFilter - Host not allowed: 14.1.90.128:9000
so I added in the application.conf:
play.filters.hosts {
allowed = ["."]
}
and it fixed the issue, but I was never forced to do that...
and not im getting this error trying to get to an action api method:
[warn] 20:04:23.230 - play.filters.CSRF - [CSRF] Check failed because no token found in headers
wierdly enough, a get method works and post gives the above error...
I know it have something to do with rest security but never was forced to think about it, how to I go about this? I know filters
to disable play CSRFFilter add to your application conf:
play.filters.disabled+=play.filters.csrf.CSRFFilter