plone / plone.protect

HTTP protection utilities for the Plone CMS
https://pypi.org/project/plone.protect/

Added protect.js from plone4.csrffixes. #49

Closed mauritsvanrees closed 8 years ago

mauritsvanrees commented 8 years ago

This adds an X-CSRF-TOKEN header to ajax requests.

Fixes https://github.com/plone/plone.protect/issues/42

To make it a bit easier to test this, I have created a sample.js and related code on branch https://github.com/plone/plone.protect/tree/maurits-add-protect-js-sample-test-dont-merge. That branch should definitely not be merged. Commit https://github.com/plone/plone.protect/commit/7c8f4340290e0b23eb93f20a1d26a0f6ac62fcb5 explains it.

mauritsvanrees commented 8 years ago

Note that I made one change in protect.js compared to plone4.csrffixes, the || options.url.indexOf('//') === -1 part: https://github.com/plone/plone.protect/pull/49/files#diff-b1e7a9ff9540e64218f885ae8e8d0749R24
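
An added example, not plone.protect's own protect.js, of the decision described above: attach X-CSRF-TOKEN to AJAX requests only when they stay on the page's own origin, so the token is never handed to another host. The `indexOf('//') === -1` clause is the one quoted in the comment; pairing it with a jQuery-style `crossDomain` flag, the `isCrossDomain` helper, and the `PAGE_ORIGIN` and `SAMPLE_TOKEN` values are assumptions.

```javascript
// Added example (not plone.protect's protect.js): decide whether an AJAX
// request may carry the X-CSRF-TOKEN header.

// Constructed values. A real page reads the token from the `_authenticator`
// hidden input plone.protect renders and the origin from `window.location`.
const PAGE_ORIGIN = 'https://plone.example';
const SAMPLE_TOKEN = 'constructed-token-0123456789abcdef';

// Assumed stand-in for jQuery's own `crossDomain` detection: resolve the URL
// against the page origin and compare origins. Protocol-relative URLs such
// as "//other.example/x" resolve to the other host and count as cross-domain.
function isCrossDomain(url, pageOrigin) {
  try {
    return new URL(url, pageOrigin).origin !== pageOrigin;
  } catch (e) {
    return true; // unparsable URL: treat as foreign and withhold the token
  }
}

// The check from this PR's protect.js change. The `indexOf('//') === -1`
// clause is quoted from the discussion; combining it with a crossDomain flag
// is an assumption. A URL containing no "//" cannot name another host, so a
// caller that forced `crossDomain: true` on a relative URL still gets the
// token, while any absolute or protocol-relative foreign URL does not.
function shouldSendToken(options, pageOrigin) {
  const crossDomain = options.crossDomain !== undefined
    ? options.crossDomain
    : isCrossDomain(options.url, pageOrigin);
  return !crossDomain || options.url.indexOf('//') === -1;
}

// Returns a copy of the request options with the header attached only when
// the request stays on the origin that issued the token.
function addCsrfHeader(options, token, pageOrigin) {
  const headers = Object.assign({}, options.headers || {});
  if (shouldSendToken(options, pageOrigin)) {
    headers['X-CSRF-TOKEN'] = token;
  }
  return Object.assign({}, options, { headers });
}
```

In a page, the same `shouldSendToken` decision would sit inside a jQuery `$.ajaxPrefilter` or `beforeSend` hook that calls `setRequestHeader`.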

mauritsvanrees commented 8 years ago

There are robot test failures in plone.app.contenttypes/multilingual. But I wonder if this is because the tests are unstable. At least it reminds me of this fix I needed to do last month: https://github.com/plone/plone.app.contenttypes/pull/347. I'll rebuild.

mauritsvanrees commented 8 years ago

Without having changed anything, the Plone 5.1 job now passes, and 5.0 has two failures instead of three...

mauritsvanrees commented 8 years ago

Jenkins 5.1 passed at http://jenkins.plone.org/job/pull-request-5.1/324/. Now trying on 5.0 in combination with two other pull requests designed to hopefully fix unstable robot tests:

https://github.com/plone/plone.app.contenttypes/pull/354
https://github.com/plone/plone.app.multilingual/pull/237
https://github.com/plone/plone.protect/pull/49

vangheem commented 8 years ago

Looks fine.

mauritsvanrees commented 8 years ago

I have reverted the checkout of plone.protect on coredev 5.0 and 5.1. It makes a few robot tests too unstable. :-( See https://github.com/plone/buildout.coredev/pull/225. We may want to revert the adding of protect.js or figure out why those tests become unstable. Feel free to do anything needed in my absence.