Page MenuHomePhabricator

Tailor the CSRF check message for HTTP requests with "security.require-https"
AcceptedPublic

Authored by epriestley on Apr 13 2017, 2:55 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sat, Mar 16, 4:36 PM
Unknown Object (File)
Feb 20 2024, 2:12 AM
Unknown Object (File)
Feb 3 2024, 3:33 PM
Unknown Object (File)
Jan 31 2024, 6:13 PM
Unknown Object (File)
Jan 25 2024, 11:59 AM
Unknown Object (File)
Jan 6 2024, 5:24 PM
Unknown Object (File)
Jan 6 2024, 4:42 PM
Unknown Object (File)
Dec 21 2023, 5:35 PM
Subscribers
None

Details

Summary

Ref T12547. See that task for discussion.

Test Plan
  • Changed storage.default-namespace to a new value.
  • Upgraded database.
  • Enabled security.require-https.
  • Registered over plain HTTP.
  • After patch, got a more tailored exception instead of the more general/misleading one from before.

Diff Detail

Repository
rP Phabricator
Branch
tailor1
Lint
Lint Passed
Unit
Tests Passed
Build Status
Buildable 16441
Build 21880: Run Core Tests
Build 21879: arc lint + arc unit