Bug #3016

remove csrftoken from the body as soon as the request is authorized

Added by Jaime Melis over 6 years ago. Updated over 6 years ago.

Status:ClosedStart date:06/30/2014
Priority:NormalDue date:
Assignee:Daniel Molina% Done:

100%

Category:Sunstone
Target version:Release 4.8
Resolution:fixed Pull request:
Affected Versions:OpenNebula 4.6

Description

Sending the csrftoken to third party applications via sunstone plugins and custome routes may have adverse collateral effects. The csrftoken should be processed out of the request body.

Associated revisions

Revision 23412e95
Added by Jaime Melis over 6 years ago

Bug #3016: remove csrftoken from the body as soon as the request is authorized

History

#1 Updated by Jaime Melis over 6 years ago

  • Target version set to Release 4.8

#2 Updated by Tino Vázquez over 6 years ago

  • Assignee set to Jaime Melis

#3 Updated by Jaime Melis over 6 years ago

  • Assignee changed from Jaime Melis to Daniel Molina

#4 Updated by Jaime Melis over 6 years ago

  • Status changed from New to Assigned

Code review

#5 Updated by Daniel Molina over 6 years ago

  • Status changed from Assigned to Closed
  • % Done changed from 0 to 100
  • Resolution set to fixed

Also available in: Atom PDF