mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-10 08:52:39 +01:00
Unguard two external POST endpoints from CSRF.
This commit is contained in:
parent
ae7488f710
commit
a67ce60d67
2 changed files with 6 additions and 0 deletions
|
@ -25,6 +25,9 @@ class PhabricatorMetaMTASendGridReceiveController
|
|||
|
||||
public function processRequest() {
|
||||
|
||||
// No CSRF for SendGrid.
|
||||
$unguarded = AphrontWriteGuard::beginScopedUnguardedWrites();
|
||||
|
||||
$request = $this->getRequest();
|
||||
$user = $request->getUser();
|
||||
|
||||
|
|
|
@ -56,6 +56,9 @@ class PhabricatorRepositoryGitHubPostReceiveController
|
|||
"won't do anything!");
|
||||
}
|
||||
|
||||
// GitHub POSTs here and doesn't do CSRF.
|
||||
$unguarded = AphrontWriteGuard::beginScopedUnguardedWrites();
|
||||
|
||||
$notification = new PhabricatorRepositoryGitHubNotification();
|
||||
$notification->setRepositoryPHID($repo->getPHID());
|
||||
$notification->setRemoteAddress($_SERVER['REMOTE_ADDR']);
|
||||
|
|
Loading…
Reference in a new issue