]> git.apps.os.sepia.ceph.com Git - ceph.git/commit
projects / ceph.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 9b8513d) | patch
mgr/dashboard: fix cookie injection issue
authorErnesto Puerta <epuertat@redhat.com>
Thu, 13 May 2021 15:43:56 +0000 (17:43 +0200)
committerSage Weil <sage@newdream.net>
Thu, 13 May 2021 16:52:49 +0000 (12:52 -0400)
commit7a1ca8d372da3b6a4fc3d221a0e5f72d1d61c27b
tree4df2c869fef1610af8babf1c6c1c6a42a7ad5632tree | snapshot
parent9b8513de6b30ef8109556e477c4cb44f005f0067commit | diff
mgr/dashboard: fix cookie injection issue

Fixes: CVE-2021-3509
Signed-off-by: Ernesto Puerta <epuertat@redhat.com>
(cherry picked from commit b39922818bc57cde1b016e9ad41908b18063b93b)

Conflicts:
src/pybind/mgr/dashboard/controllers/docs.py
        - Remove allow_empty_body and _with_token method
src/pybind/mgr/dashboard/controllers/docs.py diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.