Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Auth credentials for Marker component #298

Closed
3 tasks
masaball opened this issue Nov 28, 2023 · 1 comment
Closed
3 tasks

Auth credentials for Marker component #298

masaball opened this issue Nov 28, 2023 · 1 comment
Labels
investigation Related research work

Comments

@masaball
Copy link
Contributor

Description

When working on the Marker component we were hardcoding in the API key to carry out PUT/POST/DELETE requests for testing. We removed the API keys from the PR but did not switch to other forms of auth:

I'm not sure but making these changes could potentially solve the CSRF issues in Avalon #5485?

Done Looks Like

  • Change the request headers for Marker actions to credentials: 'same-origin'
  • Change the IIIF wrapper request options to credentials: 'include'
  • Test in Avalon that playlist marker actions are successful
@masaball masaball mentioned this issue Nov 28, 2023
Closed
1 task
@elynema elynema added the investigation Related research work label Nov 29, 2023
@masaball masaball changed the title Fix credentials for Marker component Auth credentials for Marker component Nov 29, 2023
@Dananji Dananji mentioned this issue Dec 14, 2023
Merged
@joncameron
Copy link
Contributor

Create/edit/delete on avalon-dev was successful in my testing.

@joncameron joncameron mentioned this issue Dec 15, 2023
Closed
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
investigation Related research work
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@joncameron @masaball @elynema