vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Check CSRF after processing the oauth token.

Browse source
This commit is contained in:
jakedt 2014-03-25 15:37:58 -04:00
parent 26a57d0c21
commit f39793b3ac
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
endpoints/api/__init__.py
View file

@ -25,8 +25,8 @@ logger = logging.getLogger(__name__)
api_bp = Blueprint('api', __name__) api_bp = Blueprint('api', __name__)
api = Api() api = Api()
api.init_app(api_bp) api.init_app(api_bp)
api.decorators = [process_oauth, api.decorators = [csrf_protect,
csrf_protect, process_oauth,
crossdomain(origin='*', headers=['Authorization', 'Content-Type'])] crossdomain(origin='*', headers=['Authorization', 'Content-Type'])]