diff options
| author | B-OnTheGo <42626718+beeonthego@users.noreply.github.com> | 2018-09-11 02:15:52 +1000 |
|---|---|---|
| committer | techknowlogick <techknowlogick@users.noreply.github.com> | 2018-09-10 12:15:52 -0400 |
| commit | e47df0b301510a49b49fc43266f436b7d58a02b1 (patch) | |
| tree | acc014c8e82a3b75754c9969f078b25579a523e9 /integrations/repo_commits_test.go | |
| parent | 387a4b09c1b62a2a5eb70b89559d5ae53032c989 (diff) | |
| download | gitea-e47df0b301510a49b49fc43266f436b7d58a02b1.tar.gz gitea-e47df0b301510a49b49fc43266f436b7d58a02b1.zip | |
Enforce token on api routes [fixed critical security issue #4357] (#4840)
Diffstat (limited to 'integrations/repo_commits_test.go')
| -rw-r--r-- | integrations/repo_commits_test.go | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/integrations/repo_commits_test.go b/integrations/repo_commits_test.go index 94d513370d..48aac1802b 100644 --- a/integrations/repo_commits_test.go +++ b/integrations/repo_commits_test.go @@ -33,6 +33,7 @@ func doTestRepoCommitWithStatus(t *testing.T, state string, classes ...string) { prepareTestEnv(t) session := loginUser(t, "user2") + token := getTokenForLoggedInUser(t, session) // Request repository commits page req := NewRequest(t, "GET", "/user2/repo1/commits/branch/master") @@ -45,7 +46,7 @@ func doTestRepoCommitWithStatus(t *testing.T, state string, classes ...string) { assert.NotEmpty(t, commitURL) // Call API to add status for commit - req = NewRequestWithJSON(t, "POST", "/api/v1/repos/user2/repo1/statuses/"+path.Base(commitURL), + req = NewRequestWithJSON(t, "POST", "/api/v1/repos/user2/repo1/statuses/"+path.Base(commitURL)+"?token="+token, api.CreateStatusOption{ State: api.StatusState(state), TargetURL: "http://test.ci/", |