Upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor.git synced 2024-11-01 08:09:59 +01:00
Code Issues Projects Releases Wiki Activity

Merge pull request #10364 from reasonerjt/disable-token-service-xsrf-1.10

Browse Source 
Disable XSRF check for /service/token - cherry pick to 1.10
This commit is contained in:
Daniel Jiang 2019-12-28 00:05:41 +08:00 committed by GitHub
commit dd80db67c1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/core/service/token/token.go
View File

@ -27,6 +27,13 @@ type Handler struct {
beego.Controller beego.Controller
} }
// Prepare disables xsrf for /service/token endpoint.
// This is done on purpose b/c containerd will try to send POST and fallback to GET
// more details see #10305
func (h *Handler) Prepare() {
h.EnableXSRF = false
}
// Get handles GET request, it checks the http header for user credentials // Get handles GET request, it checks the http header for user credentials
// and parse service and scope based on docker registry v2 standard, // and parse service and scope based on docker registry v2 standard,
// checks the permission against local DB and generates jwt token. // checks the permission against local DB and generates jwt token.