hazza/jupyterhub
1
0
Fork 0
mirror of https://github.com/jupyterhub/jupyterhub.git synced 2025-10-18 15:33:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

respect jupyter-server disable_check_xsrf setting

Browse Source 
allows global disable of xsrf checks in single-user servers
This commit is contained in:
Min RK
2024-03-26 08:55:15 +01:00
parent 7e56bf7e2c
commit c08b582c53
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
jupyterhub/services/auth.py
View File

@@ -987,7 +987,9 @@ class HubOAuth(HubAuth):
Applies JupyterHub check_xsrf_cookie if not token authenticated Applies JupyterHub check_xsrf_cookie if not token authenticated
""" """
if getattr(handler, '_token_authenticated', False): if getattr(handler, '_token_authenticated', False) or handler.settings.get(
"disable_check_xsrf", False
):
return return
check_xsrf_cookie(handler) check_xsrf_cookie(handler)