brooklyn-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From drigod...@apache.org
Subject [1/2] brooklyn-ui git commit: Add CSRF header on the swagger page
Date Fri, 10 Feb 2017 09:18:44 GMT
Repository: brooklyn-ui
Updated Branches:
  refs/heads/master 4917b0966 -> f45d697b1


Add CSRF header on the swagger page


Project: http://git-wip-us.apache.org/repos/asf/brooklyn-ui/repo
Commit: http://git-wip-us.apache.org/repos/asf/brooklyn-ui/commit/2df4678f
Tree: http://git-wip-us.apache.org/repos/asf/brooklyn-ui/tree/2df4678f
Diff: http://git-wip-us.apache.org/repos/asf/brooklyn-ui/diff/2df4678f

Branch: refs/heads/master
Commit: 2df4678f7307c9a1bc352253f73ad45c597da9db
Parents: 4917b09
Author: Thomas Bouron <thomas.bouron@cloudsoftcorp.com>
Authored: Thu Feb 9 13:47:53 2017 +0000
Committer: Thomas Bouron <thomas.bouron@cloudsoftcorp.com>
Committed: Thu Feb 9 13:47:53 2017 +0000

----------------------------------------------------------------------
 src/main/webapp/assets/html/swagger-ui.html | 10 ++++++++++
 1 file changed, 10 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/brooklyn-ui/blob/2df4678f/src/main/webapp/assets/html/swagger-ui.html
----------------------------------------------------------------------
diff --git a/src/main/webapp/assets/html/swagger-ui.html b/src/main/webapp/assets/html/swagger-ui.html
index db6e754..e3f307f 100644
--- a/src/main/webapp/assets/html/swagger-ui.html
+++ b/src/main/webapp/assets/html/swagger-ui.html
@@ -50,6 +50,16 @@
                 supportedSubmitMethods: ['get', 'post', 'put', 'delete'],
                 onComplete: function (swaggerApi, swaggerUi) {
                     log("Brooklyn swagger api doc loaded");
+                    // add CSRF token as header
+                    var ca = document.cookie.split(';');
+                    for (var i=0; i<ca.length; i++) {
+                        var c = ca[i];
+                        while (c.charAt(0)==' ') c = c.substring(1);
+                        if (c.toLowerCase().indexOf('csrf-token') != -1) {
+                            var parts = c.split('=');
+                            swaggerApi.clientAuthorizations.add('X-CSRF-TOKEN', new SwaggerClient.ApiKeyAuthorization('X-CSRF-TOKEN',
parts[1], 'header'));
+                        }
+                    }
                 },
                 onFailure: function (data) {
                     log("Unable to Load SwaggerUI");


Mime
View raw message