rhodecode-enterprise-ce Commit - r1310:e32790fb

auth: use pyramid HTTP excetion when detecting CSRF error. It helps catching this...

marcink -

r1310:e32790fb default

parent child

rhodecode/lib/auth.py

0 +2 -1

             from functools import wraps
             import ipaddress
+            from pyramid.httpexceptions import HTTPForbidden
             from pylons import url, request
             from pylons.controllers.util import abort, redirect
             from pylons.i18n.translation import _
                              'REMOTE_ADDR:%s, HEADERS:%s' % (
                                  request, reason, request.remote_addr, request.headers))
-                    abort(403, detail=csrf_message)
+                    raise HTTPForbidden(explanation=csrf_message)
             class LoginRequired(object):

General Comments 0

You need to be logged in to leave comments. Login now

No TODOs yet

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages