[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Dolibarr-git] [Dolibarr/dolibarr] 3830c4: Disable CSRF check for REST A
From: |
Laurent Destailleur |
Subject: |
[Dolibarr-git] [Dolibarr/dolibarr] 3830c4: Disable CSRF check for REST API |
Date: |
Sun, 27 Nov 2016 06:10:04 -0800 |
Branch: refs/heads/4.0
Home: https://github.com/Dolibarr/dolibarr
Commit: 3830c405a80e7581e778f2a7894e5fa5e2b5ec0d
https://github.com/Dolibarr/dolibarr/commit/3830c405a80e7581e778f2a7894e5fa5e2b5ec0d
Author: jfefe <address@hidden>
Date: 2016-11-22 (Tue, 22 Nov 2016)
Changed paths:
M htdocs/api/index.php
Log Message:
-----------
Disable CSRF check for REST API
This allow to do POST requests from another website.
Commit: b436df32029999604d1021b70d5b34e0c56eb2a9
https://github.com/Dolibarr/dolibarr/commit/b436df32029999604d1021b70d5b34e0c56eb2a9
Author: jfefe <address@hidden>
Date: 2016-11-22 (Tue, 22 Nov 2016)
Changed paths:
M htdocs/api/class/api_generic.class.php
Log Message:
-----------
Allow HTTP POST request for login API method.
This is more secure than do the request with sensitive value like password into
URL parameters.
Commit: 1e647b082c3c4f9e0adbadee8095f8aeae3f5a4a
https://github.com/Dolibarr/dolibarr/commit/1e647b082c3c4f9e0adbadee8095f8aeae3f5a4a
Author: Laurent Destailleur <address@hidden>
Date: 2016-11-27 (Sun, 27 Nov 2016)
Changed paths:
M htdocs/api/class/api_generic.class.php
M htdocs/api/index.php
Log Message:
-----------
Merge pull request #6034 from aternatik/api_rest_allow_post
FIX Minor fixes for REST API
Compare:
https://github.com/Dolibarr/dolibarr/compare/b63ad019cea0...1e647b082c3c
- [Dolibarr-git] [Dolibarr/dolibarr] 3830c4: Disable CSRF check for REST API,
Laurent Destailleur <=