Upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor.git synced 2024-11-18 16:25:16 +01:00
Code Issues Projects Releases Wiki Activity

Disable XSRF check for /service/token

Browse Source 
This commit disables XSRF check for "service/token" so that when
containerd sends `POST` it will not return 403 and containerd can
fallback to `GET` to complete the workflow.

Fixes #10305

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
This commit is contained in:
Daniel Jiang 2019-12-27 14:01:40 +08:00
parent fe7fdeb723
commit cc63fa7b7a
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/core/service/token/token.go
View File

@ -27,6 +27,13 @@ type Handler struct {
beego.Controller beego.Controller
} }
// Prepare disables xsrf for /service/token endpoint.
// This is done on purpose b/c containerd will try to send POST and fallback to GET
// more details see #10305
func (h *Handler) Prepare() {
h.EnableXSRF = false
}
// Get handles GET request, it checks the http header for user credentials // Get handles GET request, it checks the http header for user credentials
// and parse service and scope based on docker registry v2 standard, // and parse service and scope based on docker registry v2 standard,
// checks the permission against local DB and generates jwt token. // checks the permission against local DB and generates jwt token.