[pmg-devel] [PATCH api] use hmac_sha_256 for csrf token
t.lamprecht at proxmox.com
Thu Jul 25 18:32:56 CEST 2019
On 7/25/19 1:33 PM, Oguz Bektas wrote:
>> Did you also test this? And if, how did you test it?
> i did not, but this is the only place where we have anything to do with
> the ticket/csrf token. the rest is taken from PVE stack which already
> i can test it if you like, and let you know today.
just for the protocol, as talked off-list: pve-access-control is not used
by the PMG, so anything done there does not helps us here.
More information about the pmg-devel