Mercurial > p > roundup > code
view doc/index.txt @ 5211:f4b6a2a3e605
Fix expiration dates and expire csrf tokens properly
In client.py: add explicit expiration of csrf tokens to
handle_csrf. There is a clean_up() that runs on every client
connection before handle)csrf is invoked, but it only cleans every
hour. With short lived tokens this is insufficient. Also remove
debugging.
In templating.py fix values for seconds/week and minutes per week. The
original values were shifted/transposed and an order of magnitude off.
In test_templating.py again fix seconds/week constant.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Sun, 19 Mar 2017 17:10:13 -0400 |
| parents | 487dc55e3c5e |
| children | 3e1b66c4e1e2 |
line wrap: on
line source
======================================================= Roundup: an Issue-Tracking System for Knowledge Workers ======================================================= For how to contact the community see http://www.roundup-tracker.org . Contents ======== .. toctree:: :maxdepth: 2 features installation upgrading FAQ user_guide customizing admin_guide debugging xmlrpc overview Design (original) <design> developers tracker_templates Notes about the MySQL Database backend <mysql> Notes about the PostgreSQL Database backend <postgresql> glossary acknowledgements Richard Jones implementation notes <implementation> license