SONAR-7292, SONAR-7293, SONAR-7294, SONAR-7297 Activate Csrf verification on issues action

server/sonar-server/src/main/java/org/sonar/server/authentication/JwtCsrfVerifier.java

@@ -43,10 +43,6 @@ public class JwtCsrfVerifier {
   private static final Set<String> UPDATE_METHODS = ImmutableSet.of("POST", "PUT", "DELETE");
   private static final String API_URL = "/api";
   private static final Set<String> RAILS_UPDATE_API_URLS = ImmutableSet.of(
-    "/api/issues/add_comment",
-    "/api/issues/delete_comment",
-    "/api/issues/edit_comment",
-    "/api/issues/bulk_change",
     "/api/projects/create",
     "/api/properties/create",
     "/api/user_properties");

server/sonar-server/src/test/java/org/sonar/server/authentication/JwtCsrfVerifierTest.java

@@ -148,11 +148,6 @@ public class JwtCsrfVerifierTest {
 
   @Test
   public void ignore_rails_ws_requests() throws Exception {
-    executeVerifyStateDoesNotFailOnRequest("/api/events", "POST");
-    executeVerifyStateDoesNotFailOnRequest("/api/issues/add_comment?key=ABCD", "POST");
-    executeVerifyStateDoesNotFailOnRequest("/api/issues/delete_comment?key=ABCD", "POST");
-    executeVerifyStateDoesNotFailOnRequest("/api/issues/edit_comment?key=ABCD", "POST");
-    executeVerifyStateDoesNotFailOnRequest("/api/issues/bulk_change?key=ABCD", "POST");
     executeVerifyStateDoesNotFailOnRequest("/api/projects/create?key=ABCD", "POST");
     executeVerifyStateDoesNotFailOnRequest("/api/properties/create?key=ABCD", "POST");
     executeVerifyStateDoesNotFailOnRequest("/api/user_properties", "POST");