Juan Hernandez has posted comments on this change. Change subject: restapi: Add CSRF protection filter ......................................................................
Patch Set 2: The JavaScript engine isn't optional in any version of OpenJDK that I'm aware of. Masking an IP address is just an example. The objective of using an script is giving the user the flexibility to decide what should be trusted and what not. The processing of session cookies happens before the application is called, thus before the filter is called. -- To view, visit http://gerrit.ovirt.org/26578 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: I68f03eeefe5bcb1956036b4a80fef4400c467346 Gerrit-PatchSet: 2 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Juan Hernandez <juan.hernan...@redhat.com> Gerrit-Reviewer: Alon Bar-Lev <alo...@redhat.com> Gerrit-Reviewer: Juan Hernandez <juan.hernan...@redhat.com> Gerrit-Reviewer: Michael Pasternak <mishka8...@yahoo.com> Gerrit-Reviewer: Sandro Bonazzola <sbona...@redhat.com> Gerrit-Reviewer: Vojtech Szocs <vsz...@redhat.com> Gerrit-Reviewer: automat...@ovirt.org Gerrit-Reviewer: oVirt Jenkins CI Server Gerrit-HasComments: No _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
