Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add back xsrf and csrf protection to Jupyter #9

Open
ericfranz opened this issue May 18, 2017 · 0 comments
Open

Add back xsrf and csrf protection to Jupyter #9

ericfranz opened this issue May 18, 2017 · 0 comments

Comments

@ericfranz
Copy link
Contributor

We disabled it for an immediate fix to connecting to Jupyter as we launch using https://github.com/OSC/bc_osc_jupyter/blob/master/connection.html.mustache

The error actually said that the POST was missing _xsrf. So I think we could actually set a hidden field _xsrf with the proper value and it would work. Since we are starting the server, its possible we would know this ahead of time. However, implementing #8 would be another option and then we could just reenable the xsrf/csrf protection because we wouldn't be using POST via a form anymore from vncsim.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant