Merge branch 'master' of https://github.com/pixelated/pixelated-user-agent

# By Felix Hammerl (5) and others
# Via NavaL
* 'master' of https://github.com/pixelated/pixelated-user-agent:
  serving the client directly, as the current dependency on proxy strips out xsrf cookies -fixing functional test
  only adding feature resource in root_resource test -- fixing build
  changed logout to post Issue #612
  Backend and frontend protection against csrf attacks: - root resources changes the csrf token cookie everytime it is loaded, in particular during the intestitial load during login - it will also add that cookie on single user mode - initialize will still load all resources - but they you cant access them if the csrf token do not match - all ajax calls needs to add the token to the header - non ajax get requests do not need xsrf token validation - non ajax post will have to send the token in as a form input or in the content
  Consolidate stylesheets
  Remove unused font and stylesheetgit s
  Create a new deferred for all IMAPAccount calls
  Clean up jshintrc
  Recreate session on soledad problems
  issue #617: Remove old html whitelister
  Issue #617: Sanitize received content

1 files changed, 4 insertions, 0 deletions

diff --git a/service/pixelated/resources/__init__.py b/service/pixelated/resources/__init__.py
index 14ecac86..469c8bc8 100644
--- a/service/pixelated/resources/__init__.py
+++ b/service/pixelated/resources/__init__.py
@@ -99,3 +99,7 @@ class UnAuthorizedResource(Resource):
     def render_GET(self, request):
         request.setResponseCode(UNAUTHORIZED)
         return "Unauthorized!"
+
+    def render_POST(self, request):
+        request.setResponseCode(UNAUTHORIZED)
+        return "Unauthorized!"