Files @ ae947de541d5
Branch filter:

Location: kallithea/docs/api/models.rst - annotation

ae947de541d5 632 B text/prs.fallenstein.rst Show Source Show as Raw Download as Raw
Mads Kiilerich
auth: check CSRF protection token when authenticating

Use pylons secure_form to get CSRF protection on all authenticated POSTs. This
fixes CVE-2015-0276.

GETs should not have any side effects and do thus not need CSRF protection.

Reported by Paul van Empelen.
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
64a5386216c5
bb35ad076e2f
17c9393e9645
bb35ad076e2f
bb35ad076e2f
bb35ad076e2f
7e5f8c12a3fc
bb35ad076e2f
8b8edfc25856
7e5f8c12a3fc
9da24750f563
8b8edfc25856
7e5f8c12a3fc
8b8edfc25856
9da24750f563
7e5f8c12a3fc
bb35ad076e2f
9da24750f563
7e5f8c12a3fc
8b8edfc25856
9da24750f563
7e5f8c12a3fc
8b8edfc25856
bb35ad076e2f
499c513967a1
9da24750f563
8b8edfc25856
7e5f8c12a3fc
bb35ad076e2f
8b8edfc25856
7e5f8c12a3fc
8b8edfc25856
8b8edfc25856
499c513967a1
8b8edfc25856

.. _models:

========================
The :mod:`models` Module
========================

.. automodule:: kallithea.model
   :members:

.. automodule:: kallithea.model.comment
   :members:

.. automodule:: kallithea.model.notification
   :members:

.. automodule:: kallithea.model.permission
   :members:

.. automodule:: kallithea.model.repo_permission
   :members:

.. automodule:: kallithea.model.repo
   :members:

.. automodule:: kallithea.model.repo_group
   :members:

.. automodule:: kallithea.model.scm
   :members:

.. automodule:: kallithea.model.user
   :members:

.. automodule:: kallithea.model.user_group
   :members:
Server instance: clio-5165 This site is powered by Kallithea 0.7.0, which is © 2010–2025 by various authors & licensed under GPLv3. – Support