enapps-enorman opened a new pull request #5: URL: https://github.com/apache/sling-org-apache-sling-scripting-core/pull/5
Changes the request flow a bit, so the all the calls from the "Scripting Variables" form are POSTed to the ScriptingVariablesConsolePlugin servlet (which would flow though OsgiManagerHttpContext#handleSecurity). The new post handling generates a one-time-use token to pass along as a request parameter and then redirects to the main sling servlet to generate the response. Changes were also made to ensure that any request to the SlingBindingsVariablesListJsonServlet that arrives without the expected request parameter is not accepted via implementing OptingServlet. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
