1. 03 Jan, 2022 1 commit
  2. 30 Sep, 2021 1 commit
  3. 11 Aug, 2021 1 commit
    • Laurent Peuch's avatar
      fix: on /rqlio, csrf is activaved only on multipart/form-data · 42202cdd7c57
      Laurent Peuch authored
      POST for application/json are safe from csrf but not multipart/form-data.
      CSRF protection is thus disabled on application/json (no matter the authentications method).
      
      For multipart/form-data, there are 3 usecases:
      
      1. multipart/form-data authenticated by cookies (webrowser), this requires
         csrf and this is handled by MultipartRqlIOController.
      2. multipart/form-data anon user, this does not require csrf and this in
         handled by AnonMultipartRqlIOController
      3. multipart/form-data authenticated with authorization, this does not
         requires csrf as there is an authentification. This is not handled here
         but in signed-request that implements the authentification.
      42202cdd7c57
  4. 30 Jul, 2021 3 commits
  5. 13 Jan, 2021 1 commit
  6. 20 Mar, 2020 2 commits
  7. 11 Jun, 2018 1 commit
  8. 04 Jun, 2018 2 commits
  9. 02 Feb, 2018 2 commits
    • Denis Laxalde's avatar
      Flake8 tests · c46865bb30f0
      Denis Laxalde authored
      Related to #17047898.
      c46865bb30f0
    • Denis Laxalde's avatar
      [test] Add a tox configuration · 6356699c3343
      Denis Laxalde authored
      Which includes a lower bound for python-requests so that we can drop the
      "skip" in tests. Also avoid usage of lgc.testlib.
      
      Closes #17047815 by filling test dependencies in tox.ini.
      6356699c3343
  10. 02 Sep, 2016 1 commit
  11. 22 May, 2015 1 commit
  12. 07 Oct, 2014 1 commit
  13. 03 Oct, 2014 1 commit
  14. 07 Oct, 2014 1 commit
  15. 03 Oct, 2014 1 commit
  16. 24 Jul, 2014 1 commit
  17. 13 Mar, 2014 1 commit
  18. 10 Jun, 2014 1 commit
  19. 12 Mar, 2014 3 commits
  20. 11 Mar, 2014 1 commit