QT/superset2
1
0
Fork 0
mirror of https://github.com/apache/superset.git synced 2026-04-19 16:14:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

[api] enable CSRF by default (#9205)

Browse Source 
* [api] Fix, don't exempt CSRF on APIs

* adds cookie based CSRF token support

* blacking

Co-authored-by: ʈᵃᵢ <tdupreetan@gmail.com>
This commit is contained in:
Daniel Vaz Gaspar
2020-03-03 12:22:40 +00:00
committed by GitHub
parent 28c05b22e8
commit 26e916e46b
4 changed files with 76 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
superset/views/base_api.py
View File

@@ -63,6 +63,7 @@ class BaseSupersetModelRestApi(ModelRestApi):
Extends FAB's ModelResApi to implement specific superset generic functionality
"""
csrf_exempt = False
method_permission_name = {
"get_list": "list",
"get": "show",