mirror of
https://github.com/jupyterhub/jupyterhub.git
synced 2025-10-08 02:24:08 +00:00
Revert "store tokens passed via url or header, not only url."
This reverts commit 53c3201c17
.
Only tokens in URLs should be persisted in cookies.
Tokens in headers should not have any effect on cookies.
This commit is contained in:
@@ -1023,8 +1023,8 @@ class HubAuthenticated:
|
|||||||
self._hub_auth_user_cache = None
|
self._hub_auth_user_cache = None
|
||||||
raise
|
raise
|
||||||
|
|
||||||
# store tokens passed via url or header in a cookie for future requests
|
# store ?token=... tokens passed via url in a cookie for future requests
|
||||||
url_token = self.hub_auth.get_token(self)
|
url_token = self.get_argument('token', '')
|
||||||
if (
|
if (
|
||||||
user_model
|
user_model
|
||||||
and url_token
|
and url_token
|
||||||
|
Reference in New Issue
Block a user