From bd15d2d0f7a5d2390dcd7763fa11215379c2c1fb Mon Sep 17 00:00:00 2001 From: Aditya Toshniwal Date: Fri, 17 Jul 2020 11:55:24 +0530 Subject: [PATCH] Fixed CSRF errors when pgAdmin opened in an iframe on safari browser. Fixes #5675 --- docs/en_US/release_notes_4_24.rst | 3 ++- web/pgadmin/utils/csrf.py | 1 + 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/en_US/release_notes_4_24.rst b/docs/en_US/release_notes_4_24.rst index 4d47102d4..01f38f26f 100644 --- a/docs/en_US/release_notes_4_24.rst +++ b/docs/en_US/release_notes_4_24.rst @@ -41,4 +41,5 @@ Bug fixes | `Issue #5633 `_ - Ensure that create RLS Policy menu should not be visible for catalog objects. | `Issue #5647 `_ - Fixed an issue where difference DDL is showing the wrong SQL when changing the policy owner. | `Issue #5662 `_ - Fixed accessibility issue where few dialogs are not rendering properly when we zoomed in browser window 200% and screen resolution is low. -| `Issue #5673 `_ - Fixed an issue where fetching the schema throws an error if the database is not connected in Schema Diff. \ No newline at end of file +| `Issue #5673 `_ - Fixed an issue where fetching the schema throws an error if the database is not connected in Schema Diff. +| `Issue #5675 `_ - Fixed CSRF errors when pgAdmin opened in an iframe on safari browser. \ No newline at end of file diff --git a/web/pgadmin/utils/csrf.py b/web/pgadmin/utils/csrf.py index b02366a60..434e653a7 100644 --- a/web/pgadmin/utils/csrf.py +++ b/web/pgadmin/utils/csrf.py @@ -36,6 +36,7 @@ class _PGCSRFProtect(CSRFProtect): 'pgadmin.tools.debugger.direct_new', 'pgadmin.tools.schema_diff.panel', 'pgadmin.tools.schema_diff.ddl_compare', + 'pgadmin.authenticate.login' ] for exempt in exempt_views: