From b45d4ab6819c6695944dd191f4474722c9e3450e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Berk=20Balc=C4=B1?= <balciiberk@gmail.com>
Date: Sun, 3 Dec 2023 15:20:05 +0100
Subject: [PATCH] Add CSRF guard header to the get calls (#19)

---
 vomsimporter.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/vomsimporter.py b/vomsimporter.py
index 8463cfe..b77d1b2 100644
--- a/vomsimporter.py
+++ b/vomsimporter.py
@@ -113,7 +113,8 @@ def get_voms_users(self, start=None, pagesize=None):
         url = "https://%s:8443/voms/%s/apiv2/users" % (self._host, self._vo)
 
         r = self._session.get(
-            url, params={'startIndex': start, 'pageSize': pagesize})
+            url, params={'startIndex': start, 'pageSize': pagesize},
+            headers= {'X-VOMS-CSRF-GUARD': "y"})
         r.raise_for_status()
         return r.json()
 
@@ -121,7 +122,8 @@ def get_voms_user(self, uid):
         logging.debug("Loading VOMS user by id: %d", uid)
         url = "https://%s:8443/voms/%s/apiv2/user-info" % (
             self._host, self._vo)
-        r = self._session.get(url, params={'userId': uid})
+        r = self._session.get(url, params={'userId': uid},
+                              headers= {'X-VOMS-CSRF-GUARD': "y"})
         r.raise_for_status()
         return r.json()