mistercrunch commented on code in PR #31173:
URL: https://github.com/apache/superset/pull/31173#discussion_r1872122093
##########
superset/tasks/utils.py:
##########
@@ -133,7 +133,7 @@ def fetch_csrf_token(
data = json.loads(body)
res = {"X-CSRF-Token": data["result"]}
if session_cookie is not None:
- res["Cookie"] = session_cookie
+ res["Cookie"] = f"{session_cookie_name}={session_cookie}"
Review Comment:
Ok, I did a bit more research and got GPT's input here
https://chatgpt.com/share/6752157e-8dc0-8010-b7c8-afcd7e270512 .
My recommendation, to be cautious, is to add a line in `UPDATING.md` as the
last item in the `Next` section that says something like
- [31173](https://github.com/apache/superset/pull/30099) NOTE: modified
`fetch_csrf_token` to align with HTTP standards, modifying how cookies are
handled. If you hit issues related to CSRF, please report as an issue while
referring to this PR
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
