properly enforce CSRF validation

see: https://github.com/ansible/tower/issues/2339
Ryan Petrello
2018-06-27 15:50:07 -04:00
parent 39bc64d089
commit 504dfd32ee
5 changed files with 17 additions and 21 deletions


@@ -24,7 +24,8 @@ from django.shortcuts import get_object_or_404
from django.utils.encoding import smart_text
from django.utils.safestring import mark_safe
from django.utils.timezone import now
from django.views.decorators.csrf import csrf_exempt
from django.utils.decorators import method_decorator
from django.views.decorators.csrf import csrf_exempt, ensure_csrf_cookie
from django.template.loader import render_to_string
from django.http import HttpResponse
from django.contrib.contenttypes.models import ContentType
@@ -229,6 +230,7 @@ class ApiRootView(APIView):
versioning_class = None
swagger_topic = 'Versioning'
@method_decorator(ensure_csrf_cookie)
def get(self, request, format=None):
''' List supported API versions '''