* web-apps(back): Add CSRF protection to the backend

  The server of each crud-web-app will be setting an XSRF-TOKEN cookie to the frontend. On each unsafe method (POST, PATCH, etc.) the backend will check to make sure that the request:

  * Contains an XSRF-TOKEN cookie
  * Contains an X-XSRF-TOKEN header
  * The values of the above are the same

  Signed-off-by: Kimonas Sotirchos <kimwnasptd@arrikto.com>

* web-apps(back): Document the CSRF_SAMESITE env var

  Add a new table in the README of the common code to include the ENV vars that a user can set in any web app. In the future we should also extend the README of every app with the supported ENV vars.

  Signed-off-by: Kimonas Sotirchos <kimwnasptd@arrikto.com>

| | | |
|---|---|---|
| .. | ||
| common | ||
| jupyter | ||
| tensorboards | ||
| OWNERS | ||