Index: lams_central/conf/security/Owasp.CsrfGuard.properties
===================================================================
diff -u -rf013da27a40a5c84f59bdce2a1b1dec3fc938d28 -r7a9dcf2073f058bd353c8423c8bc732f0d006b44
--- lams_central/conf/security/Owasp.CsrfGuard.properties	(.../Owasp.CsrfGuard.properties)	(revision f013da27a40a5c84f59bdce2a1b1dec3fc938d28)
+++ lams_central/conf/security/Owasp.CsrfGuard.properties	(.../Owasp.CsrfGuard.properties)	(revision 7a9dcf2073f058bd353c8423c8bc732f0d006b44)
@@ -29,6 +29,7 @@
 org.owasp.csrfguard.protected.shareresourcesChangeItemVisibility=/lams/tool/larsrc11/monitoring/changeItemVisibility.do
 org.owasp.csrfguard.protected.surveySubmissionDeadline=/lams/tool/lasurv11/monitoring/setSubmissionDeadline.do
 org.owasp.csrfguard.protected.taskSubmissionDeadline=/lams/tool/latask10/monitoring/setSubmissionDeadline.do
+org.owasp.csrfguard.protected.taskSetVerifyByMonitor=/lams/tool/latask10/monitoring/setVerifiedByMonitor.do
 org.owasp.csrfguard.protected.voteSubmissionDeadline=/lams/tool/lavote11/monitoring/setSubmissionDeadline.do
 org.owasp.csrfguard.protected.wikiSubmissionDeadline=/lams/tool/lawiki10/monitoring/setSubmissionDeadline.do
 
Index: lams_tool_task/src/java/org/lamsfoundation/lams/tool/taskList/web/controller/MonitoringController.java
===================================================================
diff -u -r1beaa4cc5e224dd433297d543c5511234c0bfc10 -r7a9dcf2073f058bd353c8423c8bc732f0d006b44
--- lams_tool_task/src/java/org/lamsfoundation/lams/tool/taskList/web/controller/MonitoringController.java	(.../MonitoringController.java)	(revision 1beaa4cc5e224dd433297d543c5511234c0bfc10)
+++ lams_tool_task/src/java/org/lamsfoundation/lams/tool/taskList/web/controller/MonitoringController.java	(.../MonitoringController.java)	(revision 7a9dcf2073f058bd353c8423c8bc732f0d006b44)
@@ -382,7 +382,7 @@
     /**
      * Mark taskList user as verified.
      */
-    @RequestMapping("/setVerifiedByMonitor")
+    @RequestMapping(path = "/setVerifiedByMonitor", method = RequestMethod.POST)
     public String setVerifiedByMonitor(HttpServletRequest request, HttpServletResponse response) throws IOException {
 
 	Long userUid = WebUtil.readLongParam(request, TaskListConstants.ATTR_USER_UID);
Index: lams_tool_task/web/pages/monitoring/summary.jsp
===================================================================
diff -u -r1ba75f43a383fb925aae69975d748d0a8dfdf9a5 -r7a9dcf2073f058bd353c8423c8bc732f0d006b44
--- lams_tool_task/web/pages/monitoring/summary.jsp	(.../summary.jsp)	(revision 1ba75f43a383fb925aae69975d748d0a8dfdf9a5)
+++ lams_tool_task/web/pages/monitoring/summary.jsp	(.../summary.jsp)	(revision 7a9dcf2073f058bd353c8423c8bc732f0d006b44)
@@ -91,7 +91,7 @@
 	function setVerifiedByMonitor(link, userUid) {
 		$.ajax({
 			type: "POST",
-			url: '<c:url value="/monitoring/setVerifiedByMonitor.do"/>',
+			url: '<c:url value="/monitoring/setVerifiedByMonitor.do"/>?<csrf:token/>',
 			data: { userUid: userUid },
 			success: function(response) {
 				$("#verif-"+response).html('<i class="fa fa-check"></i>');
@@ -159,4 +159,4 @@
 
 <%@include file="parts/advanceoptions.jsp"%>
 <%@include file="parts/daterestriction.jsp"%>
-				
\ No newline at end of file
+				
