ashb commented on issue #5044: [AIRFLOW-4240] Require POST for state-changing requests URL: https://github.com/apache/airflow/pull/5044#issuecomment-528294160 @chang Whoops. Yes this PR was the culprit. The `@action_logging` decorator is only looking at query args, not form args. ```python log = Log( event=f.__name__, task_instance=None, owner=user, extra=str(list(request.args.items())), task_id=request.args.get('task_id'), dag_id=request.args.get('dag_id')) if 'execution_date' in request.args: log.execution_date = pendulum.parse( request.args.get('execution_date')) ``` All the `request.args` need to be `request.values` (which will merge GET and POST params together) _BUT_ we want to be careful about what we store in `extra` - that might store sensitive connection information which we wouldn't want.
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
