Opened 11 years ago

Closed 11 years ago

Last modified 11 years ago

#3915 closed Enhancement (fixed)

RPC Documentation should discuss the X-Transmission-Session-Id header

Reported by: marcus Owned by: jordan
Priority: Normal Milestone: 2.20
Component: Transmission Version: 2.13
Severity: Normal Keywords:
Cc:

Description

In r8358 the X-Transmission-Session-Id was introduced to prevent CSRF attacks. However, there is no documentation on how this is handled or should be used/treated. Since the RPC api is also protected by this header, the RPC documentation in extra/rpc-spec.txt should reflect upon the usage of the session handling.

Change History (4)

comment:1 Changed 11 years ago by jordan

  • Owner set to jordan
  • Status changed from new to assigned

Fixed in r11736

comment:2 Changed 11 years ago by jordan

  • Resolution set to fixed
  • Status changed from assigned to closed

comment:3 Changed 11 years ago by Robby

  • Milestone changed from None Set to 2.20

comment:4 Changed 11 years ago by jordan

  • Summary changed from RPC Documentation should reflect in the X-Transmission-Session-Id headers to RPC Documentation should discuss the X-Transmission-Session-Id header
Note: See TracTickets for help on using tickets.