[pve-devel] applied: [PATCH v3 manager 3/9] pveproxy: use new cookie extraction method

Thomas Lamprecht t.lamprecht at proxmox.com
Wed Jan 29 21:50:43 CET 2020


On 1/21/20 1:54 PM, Fabian Grünbichler wrote:
> we only care about the regular cookie case for the index.
> 
> Signed-off-by: Fabian Grünbichler <f.gruenbichler at proxmox.com>
> ---
> 
> Notes:
>     versioned breaks/depends on libpve-http-perl!
> 
>  PVE/Service/pveproxy.pm | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/PVE/Service/pveproxy.pm b/PVE/Service/pveproxy.pm
> index cbab6abe..571a6bf5 100755
> --- a/PVE/Service/pveproxy.pm
> +++ b/PVE/Service/pveproxy.pm
> @@ -184,7 +184,7 @@ sub get_index {
>  		$lang = $newlang;
>  	    }
>  	}
> -	my $ticket = PVE::APIServer::Formatter::extract_auth_cookie($cookie, $server->{cookie_name});
> +	my $ticket = PVE::APIServer::Formatter::extract_auth_value($cookie, $server->{cookie_name});
>  	if (($username = PVE::AccessControl::verify_ticket($ticket, 1))) {
>  	    $token = PVE::AccessControl::assemble_csrf_prevention_token($username);
>  	}
> 

applied, thanks!




More information about the pve-devel mailing list