taler
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Taler] WebEx can't POST on bank's /admin/add/incoming


From: Marcello Stanisci
Subject: Re: [Taler] WebEx can't POST on bank's /admin/add/incoming
Date: Mon, 8 Feb 2016 11:08:39 +0100
User-agent: Mutt/1.5.23 (2014-03-12)

Yes, it's the mint (don't mind 'WebEx' in the subject..). Anyway, it seems that
any POST "suffer" from this CSRF control

> I don't even understand why you'd want this. The WebEx is not supposed
> to touch /admin/add/incoming of the bank. The only code that does this
> is the mint's "test" wire transfer method, not the wallet.
> 
> On 02/04/2016 11:56 PM, Marcello Stanisci wrote:
> > 
> > The reason is always the CSRF prevention. In this case,
> > should be fine to disable it, since this is internal API.
> > 
> > Marcello
> > 
> 





reply via email to

[Prev in Thread] Current Thread [Next in Thread]