IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity

fixes #1619 Secure PhantomJS Png rendering

Browse Source 
removes auth hack to allow phantomjs to query pages as a user
without auth.  Instead we pass phantomjs the session cookie,
which it then includes in the request.
This commit is contained in:
Anthony Woods
2015-03-21 07:14:13 +08:00
parent 5d6583ef7b
commit 7010df0fe8
4 changed files with 20 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
pkg/middleware/auth.go
View File

@@ -22,13 +22,6 @@ func getRequestUserId(c *Context) int64 {
return userId.(int64)
}
// TODO: figure out a way to secure this
if c.Req.URL.Query().Get("render") == "1" {
userId := c.QueryInt64(SESS_KEY_USERID)
c.Session.Set(SESS_KEY_USERID, userId)
return userId
}
return 0
}