mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-23 15:22:41 +01:00
No description
3b5883d8c1
Summary: In some applications, using `{V2}` syntax to embed a vote throws. The chain of causality looks like this: - We try to render a `phabricator_form()`. - This requires a CSRF token. - We look for a CSRF token on the user. - It's an omnipotent user with no token, so everything fails. To resolve this, make sure we always pass the real user in. Test Plan: - Lots of `grep`. - Made a Differential comment with `{V2}`. - Made a Diffusion comment with `{V2}`. - Made a Maniphest comment with `{V2}`. - Replied to a Conpherence thread with `{V2}`. - Created a Conpherence thread with `{V2}`. - Used Conduit to update a Conpherence thread with `{V2}`. Reviewers: btrahan Reviewed By: btrahan Subscribers: epriestley, lkassianik Differential Revision: https://secure.phabricator.com/D8849 |
||
---|---|---|
bin | ||
conf | ||
externals | ||
resources | ||
scripts | ||
src | ||
support | ||
webroot | ||
.arcconfig | ||
.editorconfig | ||
.gitignore | ||
LICENSE | ||
NOTICE | ||
README |
Phabricator is an open source collection of web applications which help software companies build better software. Phabricator includes applications for: - reviewing and auditing source code; - hosting and browsing repositories; - assembling a party to venture forth; - tracking bugs; - hiding stuff from coworkers; and - also some other things. You can learn more about the project (and find links to documentation and resources) here: http://phabricator.org/ Phabricator is developed and maintained by Phacility. The first version of Phabricator was originally built at Facebook. LICENSE Phabricator is released under the Apache 2.0 license except as otherwise noted.