* [PATCH 0/1] Call csrf function in all pages to ensure cookie is sent
@ 2015-08-18 22:10 brian avery
0 siblings, 0 replies; 3+ messages in thread
From: brian avery @ 2015-08-18 22:10 UTC (permalink / raw)
To: bitbake-devel
Simple addition of cross site request forgery protection to base page so it is inherited everywhere.
The following changes since commit c348fa50186fb0796bc7b793c4b8d710419f2a0d:
bitbake: toaster: move code from setup_lv_tests to setUp (2015-08-17 14:41:45 +0100)
are available in the git repository at:
git://git.yoctoproject.org/poky-contrib bavery/submit/michaelw/20150817_csrf_added_base
http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=bavery/submit/michaelw/20150817_csrf_added_base
Michael Wood (1):
bitbake: toastergui: Call csrf function in all pages to ensure cookie
is sent
lib/toaster/toastergui/templates/base.html | 1 +
1 file changed, 1 insertion(+)
--
1.9.1
^ permalink raw reply [flat|nested] 3+ messages in thread
* [PATCH 0/1] Call csrf function in all pages to ensure cookie is sent
@ 2015-08-18 22:32 brian avery
2015-08-18 22:32 ` [PATCH 1/1] toastergui: " brian avery
0 siblings, 1 reply; 3+ messages in thread
From: brian avery @ 2015-08-18 22:32 UTC (permalink / raw)
To: bitbake-devel
Simple addition of cross site request forgery protection to base page so it is inherited everywhere.
The following changes since commit c348fa50186fb0796bc7b793c4b8d710419f2a0d:
bitbake: toaster: move code from setup_lv_tests to setUp (2015-08-17 14:41:45 +0100)
are available in the git repository at:
git://git.yoctoproject.org/poky-contrib bavery/submit/michaelw/20150817_csrf_added_base
http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=bavery/submit/michaelw/20150817_csrf_added_base
Michael Wood (1):
toastergui: Call csrf function in all pages to ensure cookie is sent
lib/toaster/toastergui/templates/base.html | 1 +
1 file changed, 1 insertion(+)
--
1.9.1
^ permalink raw reply [flat|nested] 3+ messages in thread
* [PATCH 1/1] toastergui: Call csrf function in all pages to ensure cookie is sent
2015-08-18 22:32 [PATCH 0/1] Call csrf function in all pages to ensure cookie is sent brian avery
@ 2015-08-18 22:32 ` brian avery
0 siblings, 0 replies; 3+ messages in thread
From: brian avery @ 2015-08-18 22:32 UTC (permalink / raw)
To: bitbake-devel
From: Michael Wood <michael.g.wood@intel.com>
Not all pages call the csrf token template function so django does not
bother to send the cookike, this meant that all subsequent ajax calls
fail. So add this to the base template.
[YOCTO #8175]
Signed-off-by: Michael Wood <michael.g.wood@intel.com>
Signed-off-by: brian avery <avery.brian@gmail.com>
---
lib/toaster/toastergui/templates/base.html | 1 +
1 file changed, 1 insertion(+)
diff --git a/lib/toaster/toastergui/templates/base.html b/lib/toaster/toastergui/templates/base.html
index d75bf16..f187100 100644
--- a/lib/toaster/toastergui/templates/base.html
+++ b/lib/toaster/toastergui/templates/base.html
@@ -69,6 +69,7 @@
<body style="height: 100%">
+ {% csrf_token %}
<div id="loading-notification" class="alert lead text-center" style="display:none">
Loading <i class="fa-pulse icon-spinner"></i>
</div>
--
1.9.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
end of thread, other threads:[~2015-08-18 22:32 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-08-18 22:32 [PATCH 0/1] Call csrf function in all pages to ensure cookie is sent brian avery
2015-08-18 22:32 ` [PATCH 1/1] toastergui: " brian avery
-- strict thread matches above, loose matches on Subject: below --
2015-08-18 22:10 [PATCH 0/1] " brian avery
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.