revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2025-03-30 14:08:11 +02:00
Code Issues Releases Wiki Activity
phorge-phorge/src/infrastructure
History
epriestley 3b5883d8c1 Fix an issue with embedding slowvotes 
Summary:
In some applications, using `{V2}` syntax to embed a vote throws. The chain of causality looks like this:

  - We try to render a `phabricator_form()`.
  - This requires a CSRF token.
  - We look for a CSRF token on the user.
  - It's an omnipotent user with no token, so everything fails.

To resolve this, make sure we always pass the real user in.

Test Plan:
  - Lots of `grep`.
  - Made a Differential comment with `{V2}`.
  - Made a Diffusion comment with `{V2}`.
  - Made a Maniphest comment with `{V2}`.
  - Replied to a Conpherence thread with `{V2}`.
  - Created a Conpherence thread with `{V2}`.
  - Used Conduit to update a Conpherence thread with `{V2}`.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley, lkassianik

Differential Revision: https://secure.phabricator.com/D8849
2014-04-23 16:30:38 -07:00
..
__tests__ Added some additional assertion methods. 2014-03-08 19:16:21 -08:00
celerity Add Glyphicons Halflings Font and Examples 2014-04-17 17:31:23 -07:00
customfield Use standard handle loading in Releeph 2014-04-18 17:52:32 -07:00
daemon Allow tasks to yield to other tasks 2014-04-16 13:02:12 -07:00
diff Align textarea in diff comment 2014-02-28 08:40:02 -08:00
edges Added some additional assertion methods. 2014-03-08 19:16:21 -08:00
env Modernize documentation links 2014-03-17 15:01:31 -07:00
events Various linter fixes. 2014-02-26 12:44:58 -08:00
internationalization When a diff has 12,345 lines, render "12,345 lines" instead of "12 lines" 2014-04-18 17:52:11 -07:00
javelin Remove the developer-specific CSRF help in phabricator_form() 2014-04-15 10:18:41 -07:00
lint Fix two bugs with DraggableList 2014-01-13 12:23:20 -08:00
log Add an SSH access log 2013-12-05 17:00:48 -08:00
management Extend all "ManagementWorkflow" classes from a base class 2013-12-27 13:15:40 -08:00
markup Fix an issue with embedding slowvotes 2014-04-23 16:30:38 -07:00
query Allow filtering of "date" custom fields 2014-03-25 14:21:32 -07:00
ssh Fix an issue where SSH workflows would execute immediately 2013-12-27 15:18:03 -08:00
storage Add semi-generic rate limiting infrastructure 2014-04-03 11:22:38 -07:00
testing Implement an approval queue 2013-11-13 11:24:56 -08:00
time Added some additional assertion methods. 2014-03-08 19:16:21 -08:00
util Change password_hash() algorithm from CRYPT_BLOWFISH to PASSWORD_BCRYPT. 2014-04-18 13:38:36 -07:00
PhabricatorEditor.php Use ManiphestTaskQuery in nearly all interfaces 2013-09-25 13:44:14 -07:00