Comments

joachim’s picture

Priority: Normal » Critical

Upping to critical -- Clients won't work with Services 3.4 until this is fixed.

I've got working code for this, but the problem is that the token has to be obtained from a normal menu path. And Clients doesn't know the base URL of the Drupal site, just the URL of the endpoint.

I've asked for #2016501: Add a CSRF token service to get rolled into a new release, which will give us what we need.

joachim’s picture

Status: Active » Needs work
StatusFileSize
new2.32 KB

This is work in progress. It needs a new release of Services containing the fix from #2016501: Add a CSRF token service, so we don't depend on a patched module.

joachim’s picture

Status: Needs work » Needs review
StatusFileSize
new3 KB

Here's the complete patch.

We now need Services 3.5 on the remote site.

joachim’s picture

Status: Needs review » Fixed

Committed & new release on the way.

nimbuz77’s picture

I need some instruction to apply the patch

Thanks

joachim’s picture

The patch is now committed, there is no need to apply it. It's now in the new release.

nimbuz77’s picture

Services module is still dated 31 July.

joachim’s picture

This issue (and patch) is for Clients module.

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.