Issue #2681911 by garphy, Wim Leers, gabesullice: REST requests without...
Issue #2681911 by garphy, Wim Leers, gabesullice: REST requests without X-CSRF-Token header: unhelpful response significantly hinders DX, should receive a 401 response
Showing
- core/lib/Drupal/Core/Access/AccessResult.php 15 additions, 2 deletionscore/lib/Drupal/Core/Access/AccessResult.php
- core/lib/Drupal/Core/Access/AccessResultForbidden.php 34 additions, 1 deletioncore/lib/Drupal/Core/Access/AccessResultForbidden.php
- core/lib/Drupal/Core/Access/AccessResultReasonInterface.php 36 additions, 0 deletionscore/lib/Drupal/Core/Access/AccessResultReasonInterface.php
- core/lib/Drupal/Core/Access/CsrfRequestHeaderAccessCheck.php 1 addition, 1 deletioncore/lib/Drupal/Core/Access/CsrfRequestHeaderAccessCheck.php
- core/lib/Drupal/Core/Routing/AccessAwareRouter.php 2 additions, 1 deletioncore/lib/Drupal/Core/Routing/AccessAwareRouter.php
- core/modules/rest/src/Tests/CreateTest.php 4 additions, 0 deletionscore/modules/rest/src/Tests/CreateTest.php
- core/modules/rest/src/Tests/DeleteTest.php 3 additions, 0 deletionscore/modules/rest/src/Tests/DeleteTest.php
- core/modules/rest/src/Tests/RESTTestBase.php 13 additions, 5 deletionscore/modules/rest/src/Tests/RESTTestBase.php
- core/modules/rest/src/Tests/UpdateTest.php 5 additions, 0 deletionscore/modules/rest/src/Tests/UpdateTest.php
- core/tests/Drupal/Tests/Core/Access/AccessResultForbiddenTest.php 45 additions, 0 deletions...ts/Drupal/Tests/Core/Access/AccessResultForbiddenTest.php
- core/tests/Drupal/Tests/Core/Access/AccessResultTest.php 18 additions, 0 deletionscore/tests/Drupal/Tests/Core/Access/AccessResultTest.php
- core/tests/Drupal/Tests/Core/Routing/AccessAwareRouterTest.php 17 additions, 0 deletions...tests/Drupal/Tests/Core/Routing/AccessAwareRouterTest.php
Loading
Please register or sign in to comment