Mercurial > kallithea
view MANIFEST.in @ 7701:9c2fc1390291
tests: prepare for adding CSRF protection on login forms
CSRF is about avoiding abuse of credentials by doing things in existing
sessions. The login form does not have any previous credentials, so there is
nothing to abuse and no real need for CSRF protection. But there is still an
unauth session, so we *can* have CSRF protection.
CSRF protection is currently in LoginRequired (which obviously isn't
applied to the login form), but let's prepare for changing that.
author | Mads Kiilerich <mads@kiilerich.com> |
---|---|
date | Fri, 04 Jan 2019 03:42:17 +0100 |
parents | 19a9f02443c8 |
children | ddfecf9fe7f2 |
line wrap: on
line source
include .coveragerc include Apache-License-2.0.txt include CONTRIBUTORS include COPYING include Jenkinsfile include LICENSE-MERGELY.html include LICENSE.md include MIT-Permissive-License.txt include README.rst include dev_requirements.txt include development.ini include pytest.ini include requirements.txt include tox.ini recursive-include docs * recursive-include init.d * recursive-include kallithea/alembic * include kallithea/bin/ldap_sync.conf include kallithea/lib/paster_commands/template.ini.mako recursive-include kallithea/front-end * recursive-include kallithea/i18n * recursive-include kallithea/public * recursive-include kallithea/templates * recursive-include kallithea/tests/fixtures * recursive-include kallithea/tests/scripts * include kallithea/tests/models/test_dump_html_mails.ref.html include kallithea/tests/performance/test_vcs.py include kallithea/tests/vcs/aconfig recursive-include scripts *