Mercurial > p > roundup > code
comparison doc/upgrading.txt @ 7507:f3c456e9a6c2
Link to example advanced xmlrpc client and recommend it first.
Change link from xmlrpc.html to the section referenced. Also recommend
changing the client first rather than disabling csrf protection.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Wed, 21 Jun 2023 15:02:01 -0400 |
| parents | 38de0d748284 |
| children | 273c8c2b5042 |
comparison
equal
deleted
inserted
replaced
| 7506:38de0d748284 | 7507:f3c456e9a6c2 |
|---|---|
| 1453 When performing and xmlrpc call, if you see something like:: | 1453 When performing and xmlrpc call, if you see something like:: |
| 1454 | 1454 |
| 1455 xmlrpclib.Fault: <Fault 1: "<class | 1455 xmlrpclib.Fault: <Fault 1: "<class |
| 1456 'roundup.exceptions.UsageError'>:Required Header Missing"> | 1456 'roundup.exceptions.UsageError'>:Required Header Missing"> |
| 1457 | 1457 |
| 1458 change the setting of csrf_enforce_header_x-requested-with in | 1458 change your xmlrpc client to add appropriate headers to |
| 1459 config.ini to no. So it looks like:: | 1459 the request including the: |
| 1460 | |
| 1461 X-Requested-With: | |
| 1462 | |
| 1463 header as well as any other required csrf headers (e.g. referer, | |
| 1464 origin) configured in config.ini. See the `advanced python client | |
| 1465 <xmlrpc.html#advanced-python-client-adding-anti-csrf-headers>`_ at | |
| 1466 the end of the xmlrpc guide. | |
| 1467 | |
| 1468 Alternatively change the setting of | |
| 1469 csrf_enforce_header_x-requested-with in config.ini to ``no``. So it | |
| 1470 looks like:: | |
| 1460 | 1471 |
| 1461 csrf_enforce_header_x-requested-with = no | 1472 csrf_enforce_header_x-requested-with = no |
| 1462 | 1473 |
| 1463 Alternatively change your xmlrpc client to add appropriate headers to | 1474 This is not recommended as it reduces csrf protection. |
| 1464 the request including the: | 1475 |
| 1465 | |
| 1466 X-Requested-With: | |
| 1467 | |
| 1468 header as well as any other required csrf headers (e.g. referer, origin) | |
| 1469 configured in config.ini. See the advanced python client at the end of | |
| 1470 the `xmlrpc guide`_. | |
| 1471 | 1476 |
| 1472 Support for SameSite cookie option for session cookie | 1477 Support for SameSite cookie option for session cookie |
| 1473 ----------------------------------------------------- | 1478 ----------------------------------------------------- |
| 1474 | 1479 |
| 1475 Support for serving the session cookie using the SameSite cookie option | 1480 Support for serving the session cookie using the SameSite cookie option |
