Index: lams_central/conf/security/Owasp.CsrfGuard.properties
===================================================================
diff -u -rf7937adfea85b6a6976eaa98df8c68db93f9f060 -r4a2902072e80bc9fcfd6534115751829210e2153
--- lams_central/conf/security/Owasp.CsrfGuard.properties (.../Owasp.CsrfGuard.properties) (revision f7937adfea85b6a6976eaa98df8c68db93f9f060)
+++ lams_central/conf/security/Owasp.CsrfGuard.properties (.../Owasp.CsrfGuard.properties) (revision 4a2902072e80bc9fcfd6534115751829210e2153)
@@ -124,6 +124,8 @@
 org.owasp.csrfguard.protected.assessmentDiscloseGroupsAnswers=/lams/tool/laasse10/monitoring/discloseGroupsAnswers.do
 org.owasp.csrfguard.protected.assessmentMonitoringSubmissionDeadline=/lams/tool/laasse10/monitoring/setSubmissionDeadline.do
 org.owasp.csrfguard.protected.assessmentMonitoringExportExcel=/lams/tool/laasse10/monitoring/exportSummary.do
+org.owasp.csrfguard.protected.assessmentMonitoringAllocateUserAnswer=/lams/tool/laasse10/monitoring/allocateUserAnswer.do
+org.owasp.csrfguard.protected.assessmentMonitoringSetActivityEvaluation=/lams/tool/laasse10/monitoring/setActivityEvaluation.do
 org.owasp.csrfguard.protected.assessmentSaveUserGrade=/lams/tool/laasse10/monitoring/saveUserGrade.do
 org.owasp.csrfguard.protected.chatAuthoringSave=/lams/tool/lachat11/authoring/updateContent.do
Index: lams_tool_assessment/src/java/org/lamsfoundation/lams/tool/assessment/web/controller/MonitoringController.java
===================================================================
diff -u -r731ac9bda6562e241a71eb71b18caeaa49aeefb5 -r4a2902072e80bc9fcfd6534115751829210e2153
--- lams_tool_assessment/src/java/org/lamsfoundation/lams/tool/assessment/web/controller/MonitoringController.java (.../MonitoringController.java) (revision 731ac9bda6562e241a71eb71b18caeaa49aeefb5)
+++ lams_tool_assessment/src/java/org/lamsfoundation/lams/tool/assessment/web/controller/MonitoringController.java (.../MonitoringController.java) (revision 4a2902072e80bc9fcfd6534115751829210e2153)
@@ -193,8 +193,8 @@
 request.setAttribute(AssessmentConstants.ATTR_QUESTION_SUMMARY, questionSummary);
 return "pages/monitoring/parts/questionsummary";
 }
-
- @RequestMapping("/allocateUserAnswer")
+
+ @RequestMapping(path = "/allocateUserAnswer", method = RequestMethod.POST)
 @ResponseBody
 public String allocateUserAnswer(HttpServletRequest request, HttpServletResponse response,
 @RequestParam Long questionUid, @RequestParam Long targetOptionUid, @RequestParam Long previousOptionUid,
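Review bot: The two new `org.owasp.csrfguard.protected.*` entries in the Owasp.CsrfGuard.properties hunk repeat the controller paths as literal strings, including the `/lams` context prefix and the `.do` suffix, so token checking for these endpoints depends on those strings staying identical to the `@RequestMapping` paths in MonitoringController. If a mapping is renamed later and this file is not updated, the endpoint would presumably drop out of the protected list without any error. A comment above the pair would make the coupling visible, for example `# Must match the @RequestMapping paths in the assessment MonitoringController (POST only)`.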
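Review bot: In the `allocateUserAnswer` hunk the UID parameters (`questionUid`, `targetOptionUid`, `previousOptionUid`) are still taken directly from the request. Restricting the mapping to POST and requiring a CSRF token only shows that the request came from the application's own page, not that the caller is entitled to change results for that question. The signature and body continue outside the hunk, so it cannot be seen whether the UIDs are checked against the assessment held in the caller's session. If they are not, that check belongs before the answer is reallocated, marked with a comment such as `// UIDs are client-supplied: confirm they belong to this session's assessment`.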
@@ -263,7 +263,7 @@
 /**
 * Set tool's activityEvaluation
 */
- @RequestMapping("/setActivityEvaluation")
+ @RequestMapping(path = "/setActivityEvaluation", method = RequestMethod.POST)
 @ResponseBody
 public String setActivityEvaluation(HttpServletRequest request, HttpServletResponse response) throws IOException {
 SessionMap sessionMap = getSessionMap(request);
Index: lams_tool_assessment/web/pages/monitoring/parts/questionsummary.jsp
===================================================================
diff -u -r731ac9bda6562e241a71eb71b18caeaa49aeefb5 -r4a2902072e80bc9fcfd6534115751829210e2153
--- lams_tool_assessment/web/pages/monitoring/parts/questionsummary.jsp (.../questionsummary.jsp) (revision 731ac9bda6562e241a71eb71b18caeaa49aeefb5)
+++ lams_tool_assessment/web/pages/monitoring/parts/questionsummary.jsp (.../questionsummary.jsp) (revision 4a2902072e80bc9fcfd6534115751829210e2153)
@@ -164,7 +164,8 @@
 questionUid: ${questionDto.uid},
 targetOptionUid: $(evt.to).data("option-uid"),
 previousOptionUid: $(evt.from).data("option-uid"),
- questionResultUid: $(evt.item).data("question-result-uid")
+ questionResultUid: $(evt.item).data("question-result-uid"),
+ "":""
 },
 method: 'post',
 dataType: "json",
Index: lams_tool_assessment/web/pages/monitoring/statisticpart.jsp
===================================================================
diff -u -r4dfbbc90e3d414eaf3f4282a3a38b4ec741384d7 -r4a2902072e80bc9fcfd6534115751829210e2153
--- lams_tool_assessment/web/pages/monitoring/statisticpart.jsp (.../statisticpart.jsp) (revision 4dfbbc90e3d414eaf3f4282a3a38b4ec741384d7)
+++ lams_tool_assessment/web/pages/monitoring/statisticpart.jsp (.../statisticpart.jsp) (revision 4a2902072e80bc9fcfd6534115751829210e2153)
@@ -17,9 +17,11 @@
 $.ajax({
 url: '',
 data: {
- activityEvaluation: this.value
+ activityEvaluation: this.value,
+ "":""
 },
 dataType: 'json',
+ method: 'post',
 success: function (json) {
 if (json.success == "true") {
 alert("");
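Review bot: `setActivityEvaluation` declares no `@RequestParam` although statisticpart.jsp posts `activityEvaluation`, unlike `allocateUserAnswer` in the same controller. The value is presumably read from `request` inside the body, which continues outside the hunk. Declaring it in the signature, for example `@RequestParam String activityEvaluation` if it is handled as a string, would make a missing value fail with a 400 before any state is touched and keep the two handlers consistent. The Javadoc `Set tool's activityEvaluation` could also state that the endpoint is POST-only.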
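Review bot: The added `"":""` entry in the `data` object of the questionsummary.jsp hunk has no explanation, and as shown both key and value are empty. Presumably the JSP tags that emit the CSRF token name and value were lost in rendering. A comment above it would tell the next editor why it must stay, for example `// CSRF token pair: allocateUserAnswer.do is a CsrfGuard-protected URL`. The same entry is added by hand in the statisticpart.jsp hunk, so every future AJAX call to a protected URL has to remember it; a shared helper that appends the pair would remove that dependency.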
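Review bot: Only a `success` callback is visible after the new `method: 'post'` line in the statisticpart.jsp hunk. With `dataType: 'json'`, a rejected request would not reach it, for example a missing or expired CSRF token answered with a redirect or an HTML error page. The rest of the `$.ajax` call lies outside the hunk; if it has no `error` handler, the user gets no sign that the evaluation setting was not saved. Adding one, `error: function () { alert(...); },` using the page's existing message mechanism, would close that gap.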