You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@brooklyn.apache.org by he...@apache.org on 2016/11/16 18:30:05 UTC

[1/2] brooklyn-ui git commit: request and set the csrf header protection added to brooklyn server

Repository: brooklyn-ui
Updated Branches:
  refs/heads/master c5e56897e -> cf57f7b14


request and set the csrf header protection added to brooklyn server


Project: http://git-wip-us.apache.org/repos/asf/brooklyn-ui/repo
Commit: http://git-wip-us.apache.org/repos/asf/brooklyn-ui/commit/8c21530a
Tree: http://git-wip-us.apache.org/repos/asf/brooklyn-ui/tree/8c21530a
Diff: http://git-wip-us.apache.org/repos/asf/brooklyn-ui/diff/8c21530a

Branch: refs/heads/master
Commit: 8c21530af07bf57a3059a49f505340ad5628c5ff
Parents: c5e5689
Author: Alex Heneveld <al...@cloudsoftcorp.com>
Authored: Sun Nov 13 08:42:25 2016 -0700
Committer: Alex Heneveld <al...@cloudsoftcorp.com>
Committed: Sun Nov 13 09:03:42 2016 -0700

----------------------------------------------------------------------
 .../webapp/assets/js/model/server-extended-status.js   |  7 +++++++
 src/main/webapp/assets/js/router.js                    | 13 ++++++++++++-
 2 files changed, 19 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/brooklyn-ui/blob/8c21530a/src/main/webapp/assets/js/model/server-extended-status.js
----------------------------------------------------------------------
diff --git a/src/main/webapp/assets/js/model/server-extended-status.js b/src/main/webapp/assets/js/model/server-extended-status.js
index aa9e5fa..2bde5ee 100644
--- a/src/main/webapp/assets/js/model/server-extended-status.js
+++ b/src/main/webapp/assets/js/model/server-extended-status.js
@@ -22,6 +22,13 @@ define(["backbone", "brooklyn", "view/viewutils"], function (Backbone, Brooklyn,
         callbacks: [],
         loaded: false,
         url: "/v1/server/up/extended",
+        sync: function(method, collection, options){
+            options = options || {};
+            options.beforeSend = function (xhr) {
+                xhr.setRequestHeader('X-Csrf-Token-Required-For-Requests', 'write');
+            };
+            return Backbone.Model.prototype.sync.apply(this, arguments);
+        },
         onError: function(thiz,xhr,modelish) {
             log("ServerExtendedStatus: error contacting Brooklyn server");
             log(xhr);

http://git-wip-us.apache.org/repos/asf/brooklyn-ui/blob/8c21530a/src/main/webapp/assets/js/router.js
----------------------------------------------------------------------
diff --git a/src/main/webapp/assets/js/router.js b/src/main/webapp/assets/js/router.js
index d26bec2..6404285 100644
--- a/src/main/webapp/assets/js/router.js
+++ b/src/main/webapp/assets/js/router.js
@@ -254,7 +254,7 @@ define([
     });
 
     /*
-     * Prepend a base URL to REST API calls
+     * Prepend a base URL to REST API calls, and add the CSRF token if present.
      */
     $.ajaxSetup({
         beforeSend: function(jqXHR, settings) {
@@ -264,6 +264,17 @@ define([
             if (baseURL && settings.url.startsWith("/v1")) {
                 settings.url = (baseURL + settings.url).replace("//", "/");
             }
+            
+            // add CSRF token as header
+            var ca = document.cookie.split(';');
+            for (var i=0; i<ca.length; i++) {
+                var c = ca[i];
+                while (c.charAt(0)==' ') c = c.substring(1);
+                if (c.toLowerCase().indexOf('csrf-token') != -1) {
+                    var parts = c.split('=');
+                    jqXHR.setRequestHeader('X-'+parts[0], parts[1]);
+                }
+            }
         }
     });

[2/2] brooklyn-ui git commit: This closes #37

Posted by he...@apache.org.

This closes #37


Project: http://git-wip-us.apache.org/repos/asf/brooklyn-ui/repo
Commit: http://git-wip-us.apache.org/repos/asf/brooklyn-ui/commit/cf57f7b1
Tree: http://git-wip-us.apache.org/repos/asf/brooklyn-ui/tree/cf57f7b1
Diff: http://git-wip-us.apache.org/repos/asf/brooklyn-ui/diff/cf57f7b1

Branch: refs/heads/master
Commit: cf57f7b1456c10c98d77564231f1cca071aae005
Parents: c5e5689 8c21530
Author: Alex Heneveld <al...@cloudsoftcorp.com>
Authored: Wed Nov 16 11:29:45 2016 -0700
Committer: Alex Heneveld <al...@cloudsoftcorp.com>
Committed: Wed Nov 16 11:29:45 2016 -0700

----------------------------------------------------------------------
 .../webapp/assets/js/model/server-extended-status.js   |  7 +++++++
 src/main/webapp/assets/js/router.js                    | 13 ++++++++++++-
 2 files changed, 19 insertions(+), 1 deletion(-)
----------------------------------------------------------------------