Files
@ ae947de541d5
Branch filter:
Location: kallithea/setup.cfg - annotation
ae947de541d5
805 B
text/x-ini
auth: check CSRF protection token when authenticating
Use pylons secure_form to get CSRF protection on all authenticated POSTs. This
fixes CVE-2015-0276.
GETs should not have any side effects and do thus not need CSRF protection.
Reported by Paul van Empelen.
Use pylons secure_form to get CSRF protection on all authenticated POSTs. This
fixes CVE-2015-0276.
GETs should not have any side effects and do thus not need CSRF protection.
Reported by Paul van Empelen.
564e40829f80 acaa02179aeb acaa02179aeb acaa02179aeb 564e40829f80 564e40829f80 acaa02179aeb acaa02179aeb acaa02179aeb acaa02179aeb acaa02179aeb 564e40829f80 564e40829f80 7e5f8c12a3fc 7e5f8c12a3fc 564e40829f80 564e40829f80 564e40829f80 564e40829f80 7e5f8c12a3fc 10df28cbcce7 ad38f9f93b3b 3483de9d11e5 564e40829f80 564e40829f80 7e5f8c12a3fc 7e5f8c12a3fc 7e5f8c12a3fc 564e40829f80 564e40829f80 7e5f8c12a3fc 7e5f8c12a3fc 7e5f8c12a3fc 564e40829f80 0a48c1ec04fc 0a48c1ec04fc 0a48c1ec04fc acaa02179aeb acaa02179aeb 0a48c1ec04fc 0a48c1ec04fc 3483de9d11e5 acaa02179aeb | [egg_info]
tag_build =
tag_svn_revision = 0
tag_date = 0
[nosetests]
verbose = True
verbosity = 2
with-pylons = test.ini
detailed-errors = 1
nologcapture = 1
[compile_catalog]
domain = kallithea
directory = kallithea/i18n
statistics = true
[extract_messages]
add_comments = TRANSLATORS:
output_file = kallithea/i18n/kallithea.pot
msgid-bugs-address = translations@kallithea-scm.org
copyright-holder = Various authors, licensing as GPLv3
no-wrap = true
[init_catalog]
domain = kallithea
input_file = kallithea/i18n/kallithea.pot
output_dir = kallithea/i18n
[update_catalog]
domain = kallithea
input_file = kallithea/i18n/kallithea.pot
output_dir = kallithea/i18n
previous = true
[build_sphinx]
source-dir = docs/
build-dir = docs/_build
all_files = 1
[upload_sphinx]
upload-dir = docs/_build/html
|