Snippets Groups Projects

Commit 058fd28d authored 5 years ago by Tanner Prestegard Committed by GraceDB 5 years ago

Prevent certificate or basic auth on AJAX requests to the API

Discovered that AJAX requests to the API from the web view were
using certificates in people's browsers even if they were logged
out of the Django session.  So when they wanted to view the page
as a public user they still saw some extra information.

No security risk since they needed to have a valid certificate
anyway, but a bit annoying.

parent e6e2a9f3

No related branches found

No related tags found

Hide whitespace changes

Inline Side-by-side

Showing with 15 additions and 0 deletions

Tanner Prestegard @tanner.prestegard
mentioned in commit 90377265
· 5 years ago

mentioned in commit 90377265

mentioned in commit 903772656e55fde83b14ae58e9ee94cbf8841404

Toggle commit list

Please register or to comment