nik/FreedomBox
1
0
Fork 0
mirror of https://github.com/freedombox/FreedomBox.git synced 2026-01-21 07:55:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

backups: Require POST method for mount/unmount operations

Browse Source 
Tests:

- Sending GET requests to the two views by opening theirs URLs in the browser
show a blank page. Actions are not performed.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
This commit is contained in:
Sunil Mohan Adapa 2024-12-23 23:36:59 -08:00 committed by James Valleroy
parent a6b16920e2
commit d423b40239
No known key found for this signature in database
GPG Key ID: 77C0C75E7B650808
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
plinth/modules/backups/views.py
View File

@ -17,6 +17,7 @@ from django.urls import reverse, reverse_lazy
from django.utils.decorators import method_decorator
from django.utils.translation import gettext as _
from django.utils.translation import gettext_lazy
from django.views.decorators.http import require_POST
from django.views.generic import FormView, TemplateView, View
from plinth.errors import PlinthError
@ -472,6 +473,7 @@ class RemoveRepositoryView(SuccessMessageMixin, TemplateView):
return redirect('backups:index')
@require_POST
def umount_repository(request, uuid):
"""View to unmount a remote SSH repository."""
repository = SshBorgRepository.load(uuid)
@ -482,6 +484,7 @@ def umount_repository(request, uuid):
return redirect('backups:index')
@require_POST
def mount_repository(request, uuid):
"""View to mount a remote SSH repository."""
# Do not mount unverified ssh repositories. Prompt for verification.