Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Return helpful error message when CSRF protection fails. (#5177) #5182

Merged
merged 1 commit into from Oct 10, 2018

Conversation

@edmundoa
Copy link
Member

@edmundoa edmundoa commented Oct 5, 2018

Port of #5177 into 2.5.

* Return helpful error message when CSRF protection fails.

Before this change, the server returned a generic "Bad Request" error
message when a client queried the API without the required CSRF
protection header. This leaves the consumer confused, especially for
previous users of the API which now do not know what to change in their
request to make it work again.

This change now leaves the error code intact but adds a helpful message
telling the consumer what went wrong.

Fixes #5012.

* Making error message _even more(!)_ helpful.
@edmundoa edmundoa added this to the 2.5.0 milestone Oct 5, 2018
@edmundoa edmundoa requested a review from dennisoelkers Oct 5, 2018
@edmundoa
Copy link
Member Author

@edmundoa edmundoa commented Oct 5, 2018

Fixes #5012.

@dennisoelkers dennisoelkers merged commit fc1762d into 2.5 Oct 10, 2018
2 of 3 checks passed
2 of 3 checks passed
ci-web-linter Jenkins build graylog-pr-linter-check 2857 has failed
Details
graylog-project/pr Jenkins build graylog-project-pr-snapshot 2016 has succeeded
Details
license/cla Contributor License Agreement is signed.
Details
@dennisoelkers dennisoelkers deleted the issue-5012-2.5 branch Oct 10, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

2 participants
You can’t perform that action at this time.