Upstream
/
harbor
mirror of https://github.com/goharbor/harbor.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #10363 from reasonerjt/disable-token-service-xsrf-1.9 

Disable XSRF check for /service/token - cherry pick to 1.9
This commit is contained in:
Daniel Jiang 2019-12-28 00:06:04 +08:00 committed by GitHub
parent 5f2ecf1abb ce437f269f
commit 49eb397c09
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/core/service/token/token.go
View File

@ -27,6 +27,13 @@ type Handler struct {
beego.Controller
}
// Prepare disables xsrf for /service/token endpoint.
// This is done on purpose b/c containerd will try to send POST and fallback to GET
// more details see #10305
func (h *Handler) Prepare() {
h.EnableXSRF = false
}
// Get handles GET request, it checks the http header for user credentials
// and parse service and scope based on docker registry v2 standard,
// checkes the permission against local DB and generates jwt token.