fic/server
Archived
1
0
Fork 0
Code Issues Pull requests 10 Releases Wiki Activity

admin: avoid CSRF: use POST instead of GET, mainly for synchronisation methods

Browse source
This commit is contained in:
nemunaire 2018-01-06 15:08:05 +01:00
parent 9a1a64c41c
commit 87428909b2
4 changed files with 18 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

8
admin/api/exercice.go
View file

@ -42,13 +42,13 @@ func init() {
// Synchronize
router.GET("/api/sync/exercices/:eid/files", apiHandler(exerciceHandler(
router.POST("/api/sync/exercices/:eid/files", apiHandler(exerciceHandler(
func(exercice fic.Exercice, _ []byte) (interface{}, error) { return sync.SyncExerciceFiles(sync.GlobalImporter, exercice), nil })))
router.GET("/api/sync/exercices/:eid/hints", apiHandler(exerciceHandler(
router.POST("/api/sync/exercices/:eid/hints", apiHandler(exerciceHandler(
func(exercice fic.Exercice, _ []byte) (interface{}, error) { return sync.SyncExerciceHints(sync.GlobalImporter, exercice), nil })))
router.GET("/api/sync/exercices/:eid/keys", apiHandler(exerciceHandler(
router.POST("/api/sync/exercices/:eid/keys", apiHandler(exerciceHandler(
func(exercice fic.Exercice, _ []byte) (interface{}, error) { return sync.SyncExerciceKeys(sync.GlobalImporter, exercice), nil })))
router.GET("/api/sync/exercices/:eid/quiz", apiHandler(exerciceHandler(
router.POST("/api/sync/exercices/:eid/quiz", apiHandler(exerciceHandler(
func(exercice fic.Exercice, _ []byte) (interface{}, error) { return sync.SyncExerciceMCQ(sync.GlobalImporter, exercice), nil })))
}