[Dolibarr-git] [Dolibarr/dolibarr] 3830c4: Disable CSRF check for REST A

dolibarr-git

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Dolibarr-git] [Dolibarr/dolibarr] 3830c4: Disable CSRF check for REST A

From:	Laurent Destailleur
Subject:	[Dolibarr-git] [Dolibarr/dolibarr] 3830c4: Disable CSRF check for REST API
Date:	Sun, 27 Nov 2016 07:25:50 -0800

  Branch: refs/heads/develop
  Home:   https://github.com/Dolibarr/dolibarr
  Commit: 3830c405a80e7581e778f2a7894e5fa5e2b5ec0d
      
https://github.com/Dolibarr/dolibarr/commit/3830c405a80e7581e778f2a7894e5fa5e2b5ec0d
  Author: jfefe <address@hidden>
  Date:   2016-11-22 (Tue, 22 Nov 2016)

  Changed paths:
    M htdocs/api/index.php

  Log Message:
  -----------
  Disable CSRF check for REST API

This allow to do POST requests from another website.


  Commit: b436df32029999604d1021b70d5b34e0c56eb2a9
      
https://github.com/Dolibarr/dolibarr/commit/b436df32029999604d1021b70d5b34e0c56eb2a9
  Author: jfefe <address@hidden>
  Date:   2016-11-22 (Tue, 22 Nov 2016)

  Changed paths:
    M htdocs/api/class/api_generic.class.php

  Log Message:
  -----------
  Allow HTTP POST request for login API method.

This is more secure than do the request with sensitive value like password into 
URL parameters.


  Commit: 0322104e8e773312b53a5001426469fcea780224
      
https://github.com/Dolibarr/dolibarr/commit/0322104e8e773312b53a5001426469fcea780224
  Author: Regis Houssin <address@hidden>
  Date:   2016-11-24 (Thu, 24 Nov 2016)

  Changed paths:
    M htdocs/fourn/commande/list.php

  Log Message:
  -----------
  Fix: use string instead integer


  Commit: 1e647b082c3c4f9e0adbadee8095f8aeae3f5a4a
      
https://github.com/Dolibarr/dolibarr/commit/1e647b082c3c4f9e0adbadee8095f8aeae3f5a4a
  Author: Laurent Destailleur <address@hidden>
  Date:   2016-11-27 (Sun, 27 Nov 2016)

  Changed paths:
    M htdocs/api/class/api_generic.class.php
    M htdocs/api/index.php

  Log Message:
  -----------
  Merge pull request #6034 from aternatik/api_rest_allow_post

FIX Minor fixes for REST API


  Commit: 66901e860235609e27f738653272770c9428b721
      
https://github.com/Dolibarr/dolibarr/commit/66901e860235609e27f738653272770c9428b721
  Author: Laurent Destailleur <address@hidden>
  Date:   2016-11-27 (Sun, 27 Nov 2016)

  Changed paths:
    M htdocs/fourn/commande/list.php

  Log Message:
  -----------
  Merge pull request #6036 from hregis/4.0_bug

Fix: use string instead integer


  Commit: 18a1f9033c7eb695815ed2a1ffefd31ecf118522
      
https://github.com/Dolibarr/dolibarr/commit/18a1f9033c7eb695815ed2a1ffefd31ecf118522
  Author: Laurent Destailleur <address@hidden>
  Date:   2016-11-27 (Sun, 27 Nov 2016)

  Changed paths:
    M htdocs/api/class/api_login.class.php
    M htdocs/api/index.php
    M htdocs/fourn/commande/list.php

  Log Message:
  -----------
  Merge branch '4.0' of address@hidden:Dolibarr/dolibarr.git into develop

Conflicts:
        htdocs/api/class/api_generic.class.php
        htdocs/api/index.php


Compare: 
https://github.com/Dolibarr/dolibarr/compare/65951d2f1b59...18a1f9033c7e

[Prev in Thread]

Current Thread

[Next in Thread]

[Dolibarr-git] [Dolibarr/dolibarr] 3830c4: Disable CSRF check for REST API, Laurent Destailleur, 2016/11/27
- [Dolibarr-git] [Dolibarr/dolibarr] 3830c4: Disable CSRF check for REST API, Laurent Destailleur <=

Prev by Date: [Dolibarr-git] [Dolibarr/dolibarr] 017b18: Fix #6037 #6041
Next by Date: [Dolibarr-git] [Dolibarr/dolibarr] f7a07f: Supplier order statut is not reverted on RECEIVE t...
Previous by thread: [Dolibarr-git] [Dolibarr/dolibarr] 3830c4: Disable CSRF check for REST API
Next by thread: [Dolibarr-git] [Dolibarr/dolibarr] 032210: Fix: use string instead integer
Index(es):
- Date
- Thread