You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@allura.apache.org by Dave Brondsema <br...@users.sf.net> on 2014/01/06 20:47:30 UTC
[allura:tickets] #7026 Require POST for follow/unfollow actions
---
** [tickets:#7026] Require POST for follow/unfollow actions**
**Status:** open
**Labels:** activitystreams security
**Created:** Mon Jan 06, 2014 07:47 PM UTC by Dave Brondsema
**Last Updated:** Mon Jan 06, 2014 07:47 PM UTC
**Owner:** nobody
`def follow` in `forgeactivity/main.py` should require POST. And templates and tests should be changed to send posts (and don't forget the csrf token).
---
Sent from sourceforge.net because allura-dev@incubator.apache.org is subscribed to https://sourceforge.net/p/allura/tickets/
To unsubscribe from further messages, a project admin can change settings at https://sourceforge.net/p/allura/admin/tickets/options. Or, if this is a mailing list, you can unsubscribe from the mailing list.
[allura:tickets] #7026 Require POST for follow/unfollow actions
Posted by Cory Johns <ma...@users.sf.net>.
`allura:cj/7026`
---
** [tickets:#7026] Require POST for follow/unfollow actions**
**Status:** code-review
**Labels:** activitystreams security
**Created:** Mon Jan 06, 2014 07:47 PM UTC by Dave Brondsema
**Last Updated:** Mon Jan 13, 2014 08:00 PM UTC
**Owner:** Cory Johns
`def follow` in `forgeactivity/main.py` should require POST. And templates and tests should be changed to send posts (and don't forget the csrf token).
---
Sent from sourceforge.net because allura-dev@incubator.apache.org is subscribed to https://sourceforge.net/p/allura/tickets/
To unsubscribe from further messages, a project admin can change settings at https://sourceforge.net/p/allura/admin/tickets/options. Or, if this is a mailing list, you can unsubscribe from the mailing list.
[allura:tickets] #7026 Require POST for follow/unfollow actions
Posted by Dave Brondsema <br...@users.sf.net>.
The self.project and artifact.project changes should be split off into their own commit
---
** [tickets:#7026] Require POST for follow/unfollow actions**
**Status:** in-progress
**Labels:** activitystreams security
**Created:** Mon Jan 06, 2014 07:47 PM UTC by Dave Brondsema
**Last Updated:** Wed Jan 15, 2014 06:51 PM UTC
**Owner:** Cory Johns
`def follow` in `forgeactivity/main.py` should require POST. And templates and tests should be changed to send posts (and don't forget the csrf token).
---
Sent from sourceforge.net because allura-dev@incubator.apache.org is subscribed to https://sourceforge.net/p/allura/tickets/
To unsubscribe from further messages, a project admin can change settings at https://sourceforge.net/p/allura/admin/tickets/options. Or, if this is a mailing list, you can unsubscribe from the mailing list.
[allura:tickets] #7026 Require POST for follow/unfollow actions
Posted by Cory Johns <ma...@users.sf.net>.
- **status**: open --> in-progress
- **assigned_to**: Cory Johns
---
** [tickets:#7026] Require POST for follow/unfollow actions**
**Status:** in-progress
**Labels:** activitystreams security
**Created:** Mon Jan 06, 2014 07:47 PM UTC by Dave Brondsema
**Last Updated:** Fri Jan 10, 2014 08:33 PM UTC
**Owner:** Cory Johns
`def follow` in `forgeactivity/main.py` should require POST. And templates and tests should be changed to send posts (and don't forget the csrf token).
---
Sent from sourceforge.net because allura-dev@incubator.apache.org is subscribed to https://sourceforge.net/p/allura/tickets/
To unsubscribe from further messages, a project admin can change settings at https://sourceforge.net/p/allura/admin/tickets/options. Or, if this is a mailing list, you can unsubscribe from the mailing list.
[allura:tickets] #7026 Require POST for follow/unfollow actions
Posted by Dave Brondsema <br...@users.sf.net>.
- **status**: code-review --> in-progress
---
** [tickets:#7026] Require POST for follow/unfollow actions**
**Status:** in-progress
**Labels:** activitystreams security
**Created:** Mon Jan 06, 2014 07:47 PM UTC by Dave Brondsema
**Last Updated:** Wed Jan 15, 2014 06:51 PM UTC
**Owner:** Cory Johns
`def follow` in `forgeactivity/main.py` should require POST. And templates and tests should be changed to send posts (and don't forget the csrf token).
---
Sent from sourceforge.net because allura-dev@incubator.apache.org is subscribed to https://sourceforge.net/p/allura/tickets/
To unsubscribe from further messages, a project admin can change settings at https://sourceforge.net/p/allura/admin/tickets/options. Or, if this is a mailing list, you can unsubscribe from the mailing list.
[allura:tickets] #7026 Require POST for follow/unfollow actions
Posted by Dave Brondsema <br...@users.sf.net>.
- **status**: in-progress --> closed
---
** [tickets:#7026] Require POST for follow/unfollow actions**
**Status:** closed
**Labels:** activitystreams security
**Created:** Mon Jan 06, 2014 07:47 PM UTC by Dave Brondsema
**Last Updated:** Wed Jan 15, 2014 07:35 PM UTC
**Owner:** Cory Johns
`def follow` in `forgeactivity/main.py` should require POST. And templates and tests should be changed to send posts (and don't forget the csrf token).
---
Sent from sourceforge.net because allura-dev@incubator.apache.org is subscribed to https://sourceforge.net/p/allura/tickets/
To unsubscribe from further messages, a project admin can change settings at https://sourceforge.net/p/allura/admin/tickets/options. Or, if this is a mailing list, you can unsubscribe from the mailing list.
[allura:tickets] #7026 Require POST for follow/unfollow actions
Posted by Dave Brondsema <br...@users.sf.net>.
- **QA**: Dave Brondsema
---
** [tickets:#7026] Require POST for follow/unfollow actions**
**Status:** code-review
**Labels:** activitystreams security
**Created:** Mon Jan 06, 2014 07:47 PM UTC by Dave Brondsema
**Last Updated:** Mon Jan 13, 2014 10:41 PM UTC
**Owner:** Cory Johns
`def follow` in `forgeactivity/main.py` should require POST. And templates and tests should be changed to send posts (and don't forget the csrf token).
---
Sent from sourceforge.net because allura-dev@incubator.apache.org is subscribed to https://sourceforge.net/p/allura/tickets/
To unsubscribe from further messages, a project admin can change settings at https://sourceforge.net/p/allura/admin/tickets/options. Or, if this is a mailing list, you can unsubscribe from the mailing list.
[allura:tickets] #7026 Require POST for follow/unfollow actions
Posted by Dave Brondsema <br...@users.sf.net>.
- **Size**: --> 1
---
** [tickets:#7026] Require POST for follow/unfollow actions**
**Status:** open
**Labels:** activitystreams security
**Created:** Mon Jan 06, 2014 07:47 PM UTC by Dave Brondsema
**Last Updated:** Mon Jan 06, 2014 07:47 PM UTC
**Owner:** nobody
`def follow` in `forgeactivity/main.py` should require POST. And templates and tests should be changed to send posts (and don't forget the csrf token).
---
Sent from sourceforge.net because allura-dev@incubator.apache.org is subscribed to https://sourceforge.net/p/allura/tickets/
To unsubscribe from further messages, a project admin can change settings at https://sourceforge.net/p/allura/admin/tickets/options. Or, if this is a mailing list, you can unsubscribe from the mailing list.
[allura:tickets] #7026 Require POST for follow/unfollow actions
Posted by Cory Johns <ma...@users.sf.net>.
- **status**: in-progress --> code-review
---
** [tickets:#7026] Require POST for follow/unfollow actions**
**Status:** code-review
**Labels:** activitystreams security
**Created:** Mon Jan 06, 2014 07:47 PM UTC by Dave Brondsema
**Last Updated:** Mon Jan 13, 2014 08:00 PM UTC
**Owner:** Cory Johns
`def follow` in `forgeactivity/main.py` should require POST. And templates and tests should be changed to send posts (and don't forget the csrf token).
---
Sent from sourceforge.net because allura-dev@incubator.apache.org is subscribed to https://sourceforge.net/p/allura/tickets/
To unsubscribe from further messages, a project admin can change settings at https://sourceforge.net/p/allura/admin/tickets/options. Or, if this is a mailing list, you can unsubscribe from the mailing list.