Garmelon/PFERD
1
0
Fork 0
mirror of https://github.com/Garmelon/PFERD.git synced 2026-04-12 15:35:05 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Cross request site forgery is an unsolved problem

Browse source
This commit is contained in:
I-Al-Istannen 2024-11-05 18:10:48 +01:00
parent ec80e7ba35
commit 5c4051d600
1 changed files with 4 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

8
PFERD/crawl/ilias/shibboleth_login.py
View file

@ -60,8 +60,8 @@ class ShibbolethLogin:
"j_username": username, "j_username": username,
"j_password": password, "j_password": password,
} }
if crsf_token_input := form.find("input", {"name": "csrf_token"}): if csrf_token_input := form.find("input", {"name": "csrf_token"}):
data["csrf_token"] = crsf_token_input["value"] data["csrf_token"] = csrf_token_input["value"]
soup = await _post(sess, url, data) soup = await _post(sess, url, data)
if soup.find(id="attributeRelease"): if soup.find(id="attributeRelease"):
@ -108,8 +108,8 @@ class ShibbolethLogin:
"_eventId_proceed": "", "_eventId_proceed": "",
"j_tokenNumber": tfa_token, "j_tokenNumber": tfa_token,
} }
if crsf_token_input := form.find("input", {"name": "csrf_token"}): if csrf_token_input := form.find("input", {"name": "csrf_token"}):
data["crsf_token"] = crsf_token_input["value"] data["csrf_token"] = csrf_token_input["value"]
return await _post(session, url, data) return await _post(session, url, data)
@staticmethod @staticmethod