Skip to content

Commit 10b4296

Browse files
EmyrkEmyrk
committed
Fix merge issues
1 parent 3116964 commit 10b4296

File tree

2 files changed

+3
-2
lines changed

2 files changed

+3
-2
lines changed

coderd/coderd.go

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -406,7 +406,6 @@ func New(options *Options) *API {
406406
httpmw.ExtractWorkspaceParam(options.Database),
407407
)
408408
r.Get("/", api.workspaceAgent)
409-
r.Post("/peer", api.postWorkspaceAgentWireguardPeer)
410409
r.Get("/dial", api.workspaceAgentDial)
411410
r.Get("/turn", api.userWorkspaceAgentTurn)
412411
r.Get("/pty", api.workspaceAgentPTY)

coderd/httpmw/csrf.go

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,7 @@ func CSRF(secureCookie bool) func(next http.Handler) http.Handler {
1616
return func(next http.Handler) http.Handler {
1717
mw := nosurf.New(next)
1818
mw.SetBaseCookie(http.Cookie{Path: "/", HttpOnly: true, SameSite: http.SameSiteLaxMode, Secure: secureCookie})
19-
mw.SetFailureHandler(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
19+
mw.SetFailureHandler(http.HandlerFunc(func(wg http.ResponseWriter, r *http.Request) {
2020
http.Error(w, "Something is wrong with your CSRF token. Please refresh the page. If this error persists, try clearing your cookies.", http.StatusBadRequest)
2121
}))
2222

@@ -28,6 +28,8 @@ func CSRF(secureCookie bool) func(next http.Handler) http.Handler {
2828
mw.ExemptRegexp(regexp.MustCompile("api/v2/workspaceagents/[^/]*$"))
2929
// Agent authenticated routes
3030
mw.ExemptRegexp(regexp.MustCompile("api/v2/workspaceagents/me/*"))
31+
// Derp routes
32+
mw.ExemptRegexp(regexp.MustCompile("derp/*"))
3133

3234
mw.ExemptFunc(func(r *http.Request) bool {
3335
// CSRF only affects requests that automatically attach credentials via a cookie.

0 commit comments

Comments
 (0)