Skip to content

Commit b18ea2e

Browse files
EmyrkEmyrk
committed
chore: Ensure multiple version compatibility
1 parent 484fe2b commit b18ea2e

File tree

2 files changed

+11
-1
lines changed

2 files changed

+11
-1
lines changed

coderd/coderd.go

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -167,7 +167,9 @@ func New(options *Options) *API {
167167
next.ServeHTTP(w, r)
168168
})
169169
},
170-
httpmw.CSRF(options.SecureAuthCookie),
170+
// Enable CSRF in November 2022 by uncommenting out this line.
171+
// This is commented out for backwards compatibility.
172+
// httpmw.CSRF(options.SecureAuthCookie),
171173
)
172174

173175
apps := func(r chi.Router) {

codersdk/client.go

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -73,6 +73,14 @@ func (c *Client) Request(ctx context.Context, method, path string, body interfac
7373
return nil, xerrors.Errorf("create request: %w", err)
7474
}
7575
req.Header.Set(SessionCustomHeader, c.SessionToken)
76+
77+
// Delete this custom cookie set in November 2022. This is just to remain
78+
// backwards compatible with older versions of Coder.
79+
req.AddCookie(&http.Cookie{
80+
Name: "session_token",
81+
Value: c.SessionToken,
82+
})
83+
7684
if body != nil {
7785
req.Header.Set("Content-Type", "application/json")
7886
}

0 commit comments

Comments
 (0)