Juan Hernandez has posted comments on this change. Change subject: webadmin: Enable RESTAPI CSRF protection ......................................................................
Patch Set 1: Keith, Spenser, I'm adding you so that you are aware that this will be potentially enabled by users. Once it is the RESTAPI clients will have to send the "JSESSIONID" header. This is relevant in particular for any UI plugin that uses the session id provided by the UI plugin infrastructure. -- To view, visit http://gerrit.ovirt.org/29682 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: I92c41f18bcbb90441f352444dcc78408e8e61b16 Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Juan Hernandez <[email protected]> Gerrit-Reviewer: Alexander Wels <[email protected]> Gerrit-Reviewer: Juan Hernandez <[email protected]> Gerrit-Reviewer: Keith Robertson <[email protected]> Gerrit-Reviewer: Spenser Shumaker <[email protected]> Gerrit-Reviewer: Vojtech Szocs <[email protected]> Gerrit-Reviewer: [email protected] Gerrit-HasComments: No _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
