Bug #3016
remove csrftoken from the body as soon as the request is authorized
| Status: | Closed | Start date: | 06/30/2014 | |
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assignee: |  Daniel Molina | % Done: | 100% | |
| Category: | Sunstone | |||
| Target version: | Release 4.8 | |||
| Resolution: | fixed | Pull request: | ||
| Affected Versions: | OpenNebula 4.6 |
Description
Sending the csrftoken to third party applications via sunstone plugins and custome routes may have adverse collateral effects. The csrftoken should be processed out of the request body.
Associated revisions
Bug #3016: remove csrftoken from the body as soon as the request is authorized
History
#1
Updated by Jaime Melis about 7 years ago
- Target version set to Release 4.8
#2
Updated by Tino Vázquez almost 7 years ago
- Assignee set to Jaime Melis
#3
Updated by Jaime Melis almost 7 years ago
- Assignee changed from Jaime Melis to Daniel Molina
#5
Updated by Daniel Molina almost 7 years ago
- Status changed from Assigned to Closed
- % Done changed from 0 to 100
- Resolution set to fixed