fix(helm): remove config overrides for CSRF

This prevents the configuration generated by the helm chart from overriding the default WTF_ configuration values in config.py. Without these default values, calls to three logging and chart data endpoints will fail with CSRF errors.
apache · Jan 13, 2023 · de3407d · de3407d
1 parent 2ccdb72
commit de3407d
Show file tree

Hide file tree

Showing 3 changed files with 2 additions and 8 deletions.
diff --git a/helm/superset/Chart.yaml b/helm/superset/Chart.yaml
@@ -29,7 +29,7 @@ maintainers:
   - name: craig-rueda
     email: craig@craigrueda.com
     url: https://github.com/craig-rueda
-version: 0.8.2
+version: 0.8.3
 dependencies:
   - name: postgresql
     version: 12.1.6

diff --git a/helm/superset/README.md b/helm/superset/README.md
@@ -23,7 +23,7 @@ NOTE: This file is generated by helm-docs: https://github.com/norwoodj/helm-docs
 
 # superset
 
-![Version: 0.8.2](https://img.shields.io/badge/Version-0.8.2-informational?style=flat-square)
+![Version: 0.8.3](https://img.shields.io/badge/Version-0.8.3-informational?style=flat-square)
 
 Apache Superset is a modern, enterprise-ready business intelligence web application
 

diff --git a/helm/superset/templates/_helpers.tpl b/helm/superset/templates/_helpers.tpl
@@ -83,12 +83,6 @@ SQLALCHEMY_DATABASE_URI = f"postgresql+psycopg2://{env('DB_USER')}:{env('DB_PASS
 SQLALCHEMY_TRACK_MODIFICATIONS = True
 SECRET_KEY = env('SECRET_KEY', 'thisISaSECRET_1234')
 
-# Flask-WTF flag for CSRF
-WTF_CSRF_ENABLED = True
-# Add endpoints that need to be exempt from CSRF protection
-WTF_CSRF_EXEMPT_LIST = []
-# A CSRF token that expires in 1 year
-WTF_CSRF_TIME_LIMIT = 60 * 60 * 24 * 365
 class CeleryConfig(object):
   CELERY_IMPORTS = ('superset.sql_lab', )
   CELERY_ANNOTATIONS = {'tasks.add': {'rate_limit': '10/s'}}