Changeset 8491


Ignore:
Timestamp:
May 23, 2009, 2:50:04 PM (12 years ago)
Author:
charles
Message:

(trunk 1.5x) make sure that 1.5x's 409 response message reads the same as 1.6x's. reported by blueluna

File:
1 edited

Legend:

Unmodified
Added
Removed
  • branches/1.5x/libtransmission/rpc-server.c

    r8455 r8491  
    614614            const char * sessionId = get_current_session_id( server );
    615615            char * tmp = tr_strdup_printf(
    616                 "<p>Please add this header to your requests:</p>"
    617                 "<p><code>%s: %s</code></p>"
    618                 "<p>This requirement is to make "
     616                "<p>Please add this header to your HTTP requests:</p>"
     617                "<p style=\"padding-left: 20pt;\"><code>%s: %s</code></p>"
     618                "<p><b>RPC Application Developers:</b></p>"
     619                "<p style=\"padding-left: 20pt;\">As of Transmission 1.53 and 1.61, RPC clients "
     620                "need to look for this 409 response containing the phrase \"invalid session-id\".  "
     621                "It occurs when the request's "TR_RPC_SESSION_ID_HEADER" header was missing "
     622                "(such as during bootstrapping) or expired. "
     623                "Either way, you can parse this response's headers for the new session-id.</p>"
     624                "<p style=\"padding-left: 20pt;\">This requirement has been added to make "
    619625                "<a href=\"http://en.wikipedia.org/wiki/Cross-site_request_forgery\">CSRF</a>"
    620626                " attacks more difficult.</p>",
Note: See TracChangeset for help on using the changeset viewer.