zydronium/google-nomulus
1
0
Fork 0
mirror of https://github.com/google/nomulus.git synced 2025-05-14 00:17:20 +02:00
Code Issues Projects Releases Packages Wiki Activity

Add XSRF protection to legacy authentication mechanism

Browse source 
-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=148689952
This commit is contained in:
mountford 2017-02-27 13:53:10 -08:00 committed by Ben McIlwain
parent a5932c0fc3
commit c7a62e9b98
12 changed files with 227 additions and 56 deletions
Download patch file Download diff file Expand all files Collapse all files

3
java/google/registry/request/Route.java
View file

@ -42,6 +42,7 @@ abstract class Route {
}
boolean shouldXsrfProtect(Action.Method requestMethod) {
return action().xsrfProtection() && requestMethod != Action.Method.GET;
return action().xsrfProtection()
&& (requestMethod != Action.Method.GET) && (requestMethod != Action.Method.HEAD);
}
}