[pmg-devel] [PATCH pmg-api 0/2] use hmac_sha_256 for csrf token
Stoiko Ivanov
s.ivanov at proxmox.com
Fri Aug 16 16:02:21 CEST 2019
This patch-series initially was sent out by Oguz [0] and discussed in [1].
I tried to wrap my head around it and test it some (see commit messag of 2/2)
After applying this (also to a future stable-5 branch we could consider also
releasing libpve-common-perl 5.0-54 for PMG (it's currently on 5.0-52, and I
assume it's due to this missing link).
My tests were done on a PMG 5.2 with 5.0-54.
[0] https://pve.proxmox.com/pipermail/pmg-devel/2019-June/000447.html
[1] https://pve.proxmox.com/pipermail/pmg-devel/2019-July/000460.html
Stoiko Ivanov (2):
use hmac_sha_256 for csrf token
improve csrf backward compatibility
src/PMG/Ticket.pm | 15 ++++++++++++++-
1 file changed, 14 insertions(+), 1 deletion(-)
--
2.20.1
More information about the pmg-devel
mailing list