Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256)
	(Exim 4.89)
	(envelope-from <pgadmin-hackers-owner+archive@lists.postgresql.org>)
	id 1hqa4h-0006Fi-3N
	for pgadmin-hackers@arkaria.postgresql.org; Thu, 25 Jul 2019 09:30:11 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.89)
	(envelope-from <pgadmin-hackers-owner+archive@lists.postgresql.org>)
	id 1hqa4e-0008PT-7g
	for pgadmin-hackers@arkaria.postgresql.org; Thu, 25 Jul 2019 09:30:08 +0000
Received: from makus.postgresql.org ([2001:4800:3e1:1::229])
	by malur.postgresql.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256)
	(Exim 4.89)
	(envelope-from <dpage@pgadmin.org>)
	id 1hqZyr-0007Ls-6x
	for pgadmin-hackers@lists.postgresql.org; Thu, 25 Jul 2019 09:24:09 +0000
Received: from mahout.postgresql.org ([72.32.157.227])
	by makus.postgresql.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256)
	(Exim 4.92)
	(envelope-from <dpage@pgadmin.org>)
	id 1hqZyU-0001X3-QQ
	for pgadmin-hackers@lists.postgresql.org; Thu, 25 Jul 2019 09:24:07 +0000
Received: from gothos.postgresql.org ([2620:122:b000:7::243])
	by mahout.postgresql.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256)
	(Exim 4.89)
	(envelope-from <dpage@pgadmin.org>)
	id 1hqZyN-0003WM-Jm
	for pgadmin-hackers@lists.postgresql.org; Thu, 25 Jul 2019 09:23:39 +0000
Received: from localhost ([127.0.0.1] helo=gothos.postgresql.org)
	by gothos.postgresql.org with esmtp (Exim 4.89)
	(envelope-from <dpage@pgadmin.org>)
	id 1hqZy2-0005c7-G0
	for pgadmin-hackers@lists.postgresql.org; Thu, 25 Jul 2019 09:23:18 +0000
Content-Type: multipart/mixed; boundary="===============8917140288749076259=="
MIME-Version: 1.0
From: Dave Page <dpage@pgadmin.org>
To: pgadmin-hackers@lists.postgresql.org
Subject: pgAdmin 4 commit: Fixed CSRF security vulnerability issue. per Alvin
 Li
Message-Id: <E1hqZy2-0005c7-G0@gothos.postgresql.org>
Date: Thu, 25 Jul 2019 09:23:18 +0000
List-Id: <pgadmin-hackers.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgadmin-hackers@lists.postgresql.org>
List-Owner: <mailto:pgadmin-hackers-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgadmin-hackers>
Precedence: bulk

--===============8917140288749076259==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64

Rml4ZWQgQ1NSRiBzZWN1cml0eSB2dWxuZXJhYmlsaXR5IGlzc3VlLiBwZXIgQWx2aW4gTGluZHN0
YW0uIEZpeGVzICM0MjE3CkluaXRpYWwgcGF0Y2ggYnk6IEtodXNoYm9vIFZhc2hpCk1vZGlmaWVk
IGJ5OiBBc2hlc2ggVmFzaGkgYW5kIE11cnR1emEgWmFidWF3YWxhCgpCcmFuY2gKLS0tLS0tCmVs
ZWN0cm9uMgoKRGV0YWlscwotLS0tLS0tCmh0dHBzOi8vZ2l0LnBvc3RncmVzcWwub3JnL2dpdHdl
Yj9wPXBnYWRtaW40LmdpdDthPWNvbW1pdGRpZmY7aD02ODdjZDExOTNiYzk3ZGEzYjJjNDE0NGQ4
ZjFmNmYwNWRhNDAxMzdlCkF1dGhvcjogS2h1c2hib28gVmFzaGkgPGtodXNoYm9vLnZhc2hpQGVu
dGVycHJpc2VkYi5jb20+CgpNb2RpZmllZCBGaWxlcwotLS0tLS0tLS0tLS0tLQpkb2NzL2VuX1VT
L3JlbGVhc2Vfbm90ZXNfNF83LnJzdCAgICAgICAgICAgICAgICAgICB8ICAgMSArCndlYi9jb25m
aWcucHkgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIHwgICA3ICstCndlYi9w
Z2FkbWluL19faW5pdF9fLnB5ICAgICAgICAgICAgICAgICAgICAgICAgICAgIHwgIDE0ICsrLQp3
ZWIvcGdhZG1pbi9icm93c2VyL19faW5pdF9fLnB5ICAgICAgICAgICAgICAgICAgICB8ICAzOSAr
Ky0tLS0tCndlYi9wZ2FkbWluL2Jyb3dzZXIvc3RhdGljL2pzL2Jyb3dzZXIuanMgICAgICAgICAg
IHwgIDE1ICsrLQp3ZWIvcGdhZG1pbi9icm93c2VyL3N0YXRpYy9qcy9jb2xsZWN0aW9uLmpzICAg
ICAgICB8ICAgMyArLQp3ZWIvcGdhZG1pbi9icm93c2VyL3N0YXRpYy9qcy9wcmVmZXJlbmNlcy5q
cyAgICAgICB8ICAgNyArLQp3ZWIvcGdhZG1pbi9icm93c2VyL3RlbXBsYXRlcy9icm93c2VyL2lu
ZGV4Lmh0bWwgICB8ICAgMSAtCndlYi9wZ2FkbWluL2Jyb3dzZXIvdGVtcGxhdGVzL2Jyb3dzZXIv
anMvdXRpbHMuanMgIHwgICAzICsKd2ViL3BnYWRtaW4vYnJvd3Nlci90ZXN0cy90ZXN0X2NoYW5n
ZV9wYXNzd29yZC5weSAgfCAgMTUgKy0tCi4uLi9icm93c2VyL3Rlc3RzL3Rlc3RfZ3JhdmF0YXJf
aW1hZ2VfZGlzcGxheS5weSAgIHwgIDEzICstLQp3ZWIvcGdhZG1pbi9icm93c2VyL3Rlc3RzL3Rl
c3RfbG9naW4ucHkgICAgICAgICAgICB8ICAzNCArKysrLS0Kd2ViL3BnYWRtaW4vYnJvd3Nlci90
ZXN0cy90ZXN0X3Jlc2V0X3Bhc3N3b3JkLnB5ICAgfCAgMTIgKy0Kd2ViL3BnYWRtaW4vYnJvd3Nl
ci90ZXN0cy91dGlscy5weSAgICAgICAgICAgICAgICAgfCAgIDcgKy0Kd2ViL3BnYWRtaW4vbWlz
Yy9fX2luaXRfXy5weSAgICAgICAgICAgICAgICAgICAgICAgfCAgIDIgKwouLi4vbWlzYy9kZXBl
bmRlbmNpZXMvc3RhdGljL2pzL2RlcGVuZGVuY2llcy5qcyAgICB8ICAgNyArLQouLi4vbWlzYy9k
ZXBlbmRlbnRzL3N0YXRpYy9qcy9kZXBlbmRlbnRzLmpzICAgICAgICB8ICAgNyArLQp3ZWIvcGdh
ZG1pbi9taXNjL2ZpbGVfbWFuYWdlci9zdGF0aWMvanMvdXRpbGl0eS5qcyB8ICAgNiArLQp3ZWIv
cGdhZG1pbi9taXNjL3NxbC9zdGF0aWMvanMvc3FsLmpzICAgICAgICAgICAgICB8ICAgNSArLQou
Li4vbWlzYy9zdGF0aXN0aWNzL3N0YXRpYy9qcy9zdGF0aXN0aWNzLmpzICAgICAgICB8ICAgOSAr
LQouLi4vc2V0dXAvdGVzdHMvdGVzdF9leHBvcnRfaW1wb3J0X3NlcnZlcnMucHkgICAgICB8ICAx
MyArKy0Kd2ViL3BnYWRtaW4vc3RhdGljL2pzL2NzcmYuanMgICAgICAgICAgICAgICAgICAgICAg
fCAgNjAgKysrKysrKysrKwp3ZWIvcGdhZG1pbi9zdGF0aWMvanMvc3FsZWRpdG9yL2V4ZWN1dGVf
cXVlcnkuanMgICB8ICAgNiArLQouLi4vc3RhdGljL2pzL3RyZWUvcGdhZG1pbl90cmVlX3NhdmVf
c3RhdGUuanMgICAgICB8ICAgMiArLQouLi4vdG9vbHMvYmFja3VwL3N0YXRpYy9qcy9iYWNrdXBf
ZGlhbG9nLmpzICAgICAgICB8ICAgMyArLQouLi4vYmFja3VwL3N0YXRpYy9qcy9iYWNrdXBfZGlh
bG9nX3dyYXBwZXIuanMgICAgICB8ICAgMyArLQp3ZWIvcGdhZG1pbi90b29scy9kZWJ1Z2dlci9z
dGF0aWMvanMvZGlyZWN0LmpzICAgICB8ICAgNSArLQouLi4vdG9vbHMvcmVzdG9yZS9zdGF0aWMv
anMvcmVzdG9yZV9kaWFsb2cuanMgICAgICB8ICAgMyArLQouLi4vcmVzdG9yZS9zdGF0aWMvanMv
cmVzdG9yZV9kaWFsb2dfd3JhcHBlci5qcyAgICB8ICAgMyArLQp3ZWIvcGdhZG1pbi90b29scy9z
cWxlZGl0b3Ivc3RhdGljL2pzL3NxbGVkaXRvci5qcyB8ICAgNiArLQp3ZWIvcGdhZG1pbi90b29s
cy91c2VyX21hbmFnZW1lbnQvX19pbml0X18ucHkgICAgICB8ICAgMiArCndlYi9wZ2FkbWluL3V0
aWxzL2NzcmYucHkgICAgICAgICAgICAgICAgICAgICAgICAgIHwgIDQzICsrKysrKysKd2ViL3Bn
YWRtaW4vdXRpbHMvc2Vzc2lvbi5weSAgICAgICAgICAgICAgICAgICAgICAgfCAgIDIgKy0KLi4u
L3B5dGhvbl90ZXN0X3V0aWxzL2NzcmZfdGVzdF9jbGllbnQucHkgICAgICAgICAgfCAxMjQgKysr
KysrKysrKysrKysrKysrKysrCndlYi9yZWdyZXNzaW9uL3B5dGhvbl90ZXN0X3V0aWxzL3Rlc3Rf
dXRpbHMucHkgICAgIHwgIDE4ICstLQp3ZWIvcmVncmVzc2lvbi9ydW50ZXN0cy5weSAgICAgICAg
ICAgICAgICAgICAgICAgICB8ICAxMSArLQozNiBmaWxlcyBjaGFuZ2VkLCAzODcgaW5zZXJ0aW9u
cygrKSwgMTI0IGRlbGV0aW9ucygtKQoK

--===============8917140288749076259==--