Closed vitoravelino closed 5 years ago
The kubeconfig download request was previously done via GET request and the file content could be easily modified through url parameters.
With this patch we've changed from GET to POST method and now taking advantage of CSRF protection.
Signed-off-by: Vítor Avelino vavelino@suse.com
bsc#1121165
The kubeconfig download request was previously done via GET request and the file content could be easily modified through url parameters.
With this patch we've changed from GET to POST method and now taking advantage of CSRF protection.
Signed-off-by: Vítor Avelino vavelino@suse.com
bsc#1121165