[pve-devel] applied: [PATCH manager] http-server: fix for api token csrf token check

Thomas Lamprecht t.lamprecht at proxmox.com
Thu Apr 22 11:29:19 CEST 2021


On 22.04.21 10:46, Lorenz Stechauner wrote:
> Do not check any csrf tokens for auth with api tokens.
> 
> Signed-off-by: Lorenz Stechauner <l.stechauner at proxmox.com>
> ---
>  PVE/HTTPServer.pm | 12 +++++++-----
>  1 file changed, 7 insertions(+), 5 deletions(-)
> 
>

applied, thanks! Added an actual comment explaining this and the why
in a followup commit...




More information about the pve-devel mailing list