Vitor-Avila opened a new pull request, #31798: URL: https://github.com/apache/superset/pull/31798
### SUMMARY https://github.com/apache/superset/pull/29953 removed the CSRF requirement for endpoints used to download a dashboard as PNG/PDF, so that these work in embedded mode. This PR changes the FF validation logic for these endpoints from using `before_request` to a new decorator, as `before_request` was causing issues to the `WTF_CSRF_EXEMPT_LIST` config. ### BEFORE/AFTER SCREENSHOTS OR ANIMATED GIF No UI changes. ### TESTING INSTRUCTIONS 1. Have async dashboard screenshot download configured. 2. Access an embedded dashboard and validate that the PDF download works. ### ADDITIONAL INFORMATION <!--- Check any relevant boxes with "x" --> <!--- HINT: Include "Fixes #nnn" if you are fixing an existing issue --> - [ ] Has associated issue: - [ ] Required feature flags: - [ ] Changes UI - [ ] Includes DB Migration (follow approval process in [SIP-59](https://github.com/apache/superset/issues/13351)) - [ ] Migration is atomic, supports rollback & is backwards-compatible - [ ] Confirm DB migration upgrade and downgrade tested - [ ] Runtime estimates and downtime expectations provided - [ ] Introduces new feature or API - [ ] Removes existing feature or API -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@superset.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: notifications-unsubscr...@superset.apache.org For additional commands, e-mail: notifications-h...@superset.apache.org
