[pmg-devel] applied: [PATCH pmg-api - stable-5] improve CSRF compat with newer PMG
Thomas Lamprecht
t.lamprecht at proxmox.com
Tue Aug 20 12:47:22 CEST 2019
On 8/19/19 5:15 PM, Stoiko Ivanov wrote:
> This patch follows (rather copies) 00c8c8fe0d3eefcca015f39c3e4967c70543e36e
> from pve-access-control for its stable-5 branch.
>
> Tested by creating a PMG-cluster with a PMG 5.2 as master, and a PMG 6.0 BETA
> as node, connecting to the PMG 6.0 and adding a Who object (which gets
> proxied to the master-node).
> Without the patch (and libpve-common-perl 5.0-52) -> 401 - invalid csrf token
> With the patch (and libpve-common-perl 5.0-54) -> 200 - invalid csrf token
>
> Signed-off-by: Stoiko Ivanov <s.ivanov at proxmox.com>
> ---
> Thanks @Thomas for the hint - should have done this initially myself!
>
> PMG/Ticket.pm | 12 ++++++++++++
> 1 file changed, 12 insertions(+)
>
applied, thanks!
More information about the pmg-devel
mailing list