Upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor.git synced 2025-02-01 12:31:23 +01:00
Code Issues Projects Releases Wiki Activity

Merge pull request #10362 from reasonerjt/disable-token-service-xsrf

Browse Source 
Disable XSRF check for /service/token
This commit is contained in:
Wenkai Yin(尹文开) 2019-12-27 16:10:25 +08:00 committed by GitHub
commit 82adac43b0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/core/service/token/token.go
View File

@ -27,6 +27,13 @@ type Handler struct {
beego.Controller beego.Controller
} }
// Prepare disables xsrf for /service/token endpoint.
// This is done on purpose b/c containerd will try to send POST and fallback to GET
// more details see #10305
func (h *Handler) Prepare() {
h.EnableXSRF = false
}
// Get handles GET request, it checks the http header for user credentials // Get handles GET request, it checks the http header for user credentials
// and parse service and scope based on docker registry v2 standard, // and parse service and scope based on docker registry v2 standard,
// checks the permission against local DB and generates jwt token. // checks the permission against local DB and generates jwt token.