Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ensure GetCSRF doesn't return an empty token (#32130) #32157

Merged
merged 2 commits into from
Oct 1, 2024
Merged

Ensure GetCSRF doesn't return an empty token (#32130) #32157

merged 2 commits into from
Oct 1, 2024

Conversation

GiteaBot
Copy link
Contributor

Backport #32130 by @wolfogre

Since page templates keep changing, some pages that contained forms with CSRF token no longer have them.

It leads to some calls of GetCSRF returning an empty string, which fails the tests. Like

gitea/tests/integration/attachment_test.go

Lines 62 to 63 in 3269b04

// this test is not right because it just doesn't pass the CSRF validation
createAttachment(t, session, "user2/repo1", "image.png", generateImg(), http.StatusBadRequest)

The test did try to get the CSRF token and provided it, but it was empty.

@wolfogre @GiteaBot
Ensure GetCSRF doesn't return an empty token (go-gitea#32130)
2cac3cc 
Since page templates keep changing, some pages that contained forms with
CSRF token no longer have them.

It leads to some calls of `GetCSRF` returning an empty string, which
fails the tests. Like

https://github.com/go-gitea/gitea/blob/3269b04d61ffe6a7ce462cd05ee150e4491124e8/tests/integration/attachment_test.go#L62-L63

The test did try to get the CSRF token and provided it, but it was
empty.
@GiteaBot GiteaBot added modifies/go Pull requests that update Go code skip-changelog This PR is irrelevant for the (next) changelog, for example bug fixes for unreleased features. type/testing labels Sep 30, 2024
@GiteaBot GiteaBot added this to the 1.22.3 milestone Sep 30, 2024
@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Sep 30, 2024
@pull-request-size pull-request-size bot added the size/S Denotes a PR that changes 10-29 lines, ignoring generated files. label Sep 30, 2024
@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Sep 30, 2024
@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Oct 1, 2024
@yp05327 yp05327 added the reviewed/wait-merge This pull request is part of the merge queue. It will be merged soon. label Oct 1, 2024
@yp05327 yp05327 enabled auto-merge (squash) October 1, 2024 04:58
@yp05327 yp05327 merged commit 4703e52 into go-gitea:release/v1.22 Oct 1, 2024
26 checks passed
@GiteaBot GiteaBot removed the reviewed/wait-merge This pull request is part of the merge queue. It will be merged soon. label Oct 1, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lunny lunny lunny approved these changes

@yp05327 yp05327 yp05327 approved these changes

@wxiaoguang wxiaoguang Awaiting requested review from wxiaoguang

Assignees

@wolfogre wolfogre

Labels
lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. modifies/go Pull requests that update Go code size/S Denotes a PR that changes 10-29 lines, ignoring generated files. skip-changelog This PR is irrelevant for the (next) changelog, for example bug fixes for unreleased features. type/testing
Projects
None yet
Milestone
1.22.3
Development

Successfully merging this pull request may close these issues.
4 participants
@GiteaBot @lunny @yp05327 @wolfogre