Juan Hernandez has posted comments on this change.

Change subject: restapi: Add CSRF protection filter

Patch Set 2:

I don't know if the JavaScript engine is excluded by default in Gentoo. If it is, I would consider it a bug. I would expect to have it available, as with any other major distribution of OpenJDK. You may want to fix it.

The decision of what technologies to use in the RESTAPI is indeed within the limits of the domain of the RESTAPI maintainers, unless it causes problems in other parts of the engine. This is not the case.

The extension mechanism isn't available yet, so we can't use it. Once it is available we can evaluate if it is appropriate or not for this purpose. Should it be appropriate, then the RESTAPI can be changed to use it instead of calling the script directly.

A simple network mask isn't enough, as we don't know what criteria the user will want to use to decide which requests are trusted. It may be the source address, it may be the user agent, it may be the presence of a custom header, etc.

So, all in all, I understand and reject your approach.

--
To view, visit http://gerrit.ovirt.org/26578

Gerrit-MessageType: comment
Gerrit-Change-Id: I68f03eeefe5bcb1956036b4a80fef4400c467346
Gerrit-PatchSet: 2
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Juan Hernandez <juan.hernan...@redhat.com>
Gerrit-Reviewer: Alon Bar-Lev <alo...@redhat.com>
Gerrit-Reviewer: Juan Hernandez <juan.hernan...@redhat.com>
Gerrit-Reviewer: Michael Pasternak <mishka8...@yahoo.com>
Gerrit-Reviewer: Sandro Bonazzola <sbona...@redhat.com>
Gerrit-Reviewer: Vojtech Szocs <vsz...@redhat.com>
Gerrit-Reviewer: Yair Zaslavsky <yzasl...@redhat.com>
Gerrit-Reviewer: automat...@ovirt.org
Gerrit-Reviewer: oVirt Jenkins CI Server
Gerrit-HasComments: No