To participate you must create an account on apostrophenow.org. If you have already done so, click Login.

Ticket #60 (new defect)

Opened 2 years ago

Last modified 13 months ago

verify CSRF protection for non-form actions

Reported by: boutell Owned by: tboutell
Priority: minor Milestone: 1.5.2
Component: apostrophePlugin: Media Version:
Keywords: Cc:
Symfony version: 1.4

Description

Some actions don't use forms, so they will need to be separately CSRF protected (investigate the extent to which this is automatic with link_to etc).

Change History

Changed 2 years ago by agilbert

  • sensitive set to 0
  • version Symfony 1.4 deleted
  • milestone set to 1.1

Changed 21 months ago by boutell

  • milestone changed from 1.4 to 1.4.1

Changed 17 months ago by tboutell

  • owner changed from boutell to tboutell

Changed 13 months ago by geoffd

  • symfony set to 1.4
  • milestone changed from 1.4.2 to 1.5.1
Note: See TracTickets for help on using tickets.