github: Fix GitHub integration CSRF issue.

The new GitHub dispatcher integration was apparently totally broken,
because we hadn't tagged the new dispatcher endpoint as exempt from
CSRF checking.  I'm not sure why the test suite didn't catch this.
This commit is contained in:
Tim Abbott 2016-12-30 20:31:01 -08:00
parent 88da3dea7e
commit a61386cbbc

View File

@ -1,9 +1,12 @@
from __future__ import absolute_import
from django.http import HttpRequest, HttpResponse
from django.views.decorators.csrf import csrf_exempt
from .github_webhook import api_github_webhook
from .github import api_github_landing
# Since this dispatcher is an API-style endpoint, it needs to be
# explicitly marked as CSRF-exempt
@csrf_exempt
def api_github_webhook_dispatch(request):
# type: (HttpRequest) -> HttpResponse
if request.META.get('HTTP_X_GITHUB_EVENT'):