Juan Hernandez has posted comments on this change. Change subject: restapi: Add CSRF protection filter ......................................................................
Patch Set 2: The JavaScript engine isn't optional in any version of OpenJDK that I'm aware of. Masking an IP address is just an example. The objective of using an script is giving the user the flexibility to decide what should be trusted and what not. The processing of session cookies happens before the application is called, thus before the filter is called. -- To view, visit http://gerrit.ovirt.org/26578 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: I68f03eeefe5bcb1956036b4a80fef4400c467346 Gerrit-PatchSet: 2 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Juan Hernandez <[email protected]> Gerrit-Reviewer: Alon Bar-Lev <[email protected]> Gerrit-Reviewer: Juan Hernandez <[email protected]> Gerrit-Reviewer: Michael Pasternak <[email protected]> Gerrit-Reviewer: Sandro Bonazzola <[email protected]> Gerrit-Reviewer: Vojtech Szocs <[email protected]> Gerrit-Reviewer: [email protected] Gerrit-Reviewer: oVirt Jenkins CI Server Gerrit-HasComments: No _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
