forge/Vervis
1
0
Fork 0
Code Pull requests Activity

No CSRF token check for Dvara routes, they do it for themselves when needed

Browse source
This commit is contained in:
fr33domlover 2020-09-01 14:11:47 +00:00
parent 7415175bea
commit e2ac053d2b
1 changed files with 1 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
src/Vervis/Foundation.hs
View file

@ -210,6 +210,7 @@ instance Yesod App where
Just (ProjectInboxR _ _) -> return False Just (ProjectInboxR _ _) -> return False
Just (RepoInboxR _ _) -> return False Just (RepoInboxR _ _) -> return False
Just (GitUploadRequestR _ _) -> return False Just (GitUploadRequestR _ _) -> return False
Just (DvaraR _) -> return False
Just r -> isWriteRequest r Just r -> isWriteRequest r
) )
defaultCsrfHeaderName defaultCsrfHeaderName