Merge pull request #797 from metlos/endpoint-attributes

Add the missing dockerimage component endpoint attributes to the devfile reference

src/main/pages/che-7/end-user-guide/ref_devfile-reference.adoc

@@ -386,7 +386,17 @@ Here, there are two dockerimages, each defining a single endpoint. Endpoint is a
 
 * `protocol`: For public endpoints the protocol is a hint to the UI on how to construct the URL for the endpoint access. Typical values are `http`, `https`, `ws`, `wss`.
 
-If you start a new server within your component, Che will autodetect this and the UI will offer you to automatically expose this port as a `public` port. This is useful for debugging a web application, for example. But, it is not possible to do this for servers that autostart with the container (for example, a database server). For such components, you must specify the endpoints explicitly.
+* `secure`: A boolean (defaulting to `false`) specifying whether the endpoint is put behind a JWT proxy requiring a JWT workspace token to grant access.
+
+* `path`: The URL of the endpoint
+
+* `unsecuredPaths`: A comma-separated list of paths in the endpoint that should not be secured, even if the `secure` attribute is set to `true`
+
+* `cookieAuthEnabled`: When set to `true` (the default is `false`), the JWT workspace token is automatically fetched and included in a workspace-specific cookie to allow requests to pass through the JWT proxy.
++
+WARNING: This setting potentially allows a link:https://en.wikipedia.org/wiki/Cross-site_request_forgery[CSRF] attack when used in conjunction with a server using POST requests.
+
+When starting a new server within a component, Che autodetects this, and the UI offers to automatically expose this port as a `public` port. This is useful for debugging a web application, for example. It is not possible to do this for servers that autostart with the container (for example, a database server). For such components, specify the endpoints explicitly.
 
 ==== Kubernetes and OpenShift resources