Opened 5 years ago
Closed 5 years ago
#210 closed Enhancement (fixed)
Action gatekeeper and form token gen code for CSRF vuln
| Reported by: | marcus | Owned by: | |
|---|---|---|---|
| Priority: | critical | Milestone: | |
| Component: | Version: | ||
| Severity: | blocker | Keywords: | |
| Cc: | brettp | Difficulty: |
Description
Change History (11)
comment:1 Changed 5 years ago by marcus
comment:2 Changed 5 years ago by marcus
(In [svn:1733]) Example of usage (Refs #210), also refs #211.
comment:3 Changed 5 years ago by marcus
(In [svn:1758]) Refs #210: Will trigger a plugin hook 'action_gatekeeper:permissions:check'.
comment:4 Changed 5 years ago by marcus
(In [svn:1818]) Refs #210 & #211
comment:5 Changed 5 years ago by marcus
(In [svn:1820]) Refs #210 & #211
comment:6 Changed 5 years ago by marcus
(In [svn:1823]) Refs #210 & #211 : Plugins settings converted.
comment:7 Changed 5 years ago by marcus
(In [svn:1824]) Refs #210 & #211 : Some more core settings / admin pages moved to use admin_gatekeeper. Install script action now also refuses to be run if the site has already been installed.
comment:8 Changed 5 years ago by marcus
(In [svn:1827]) Refs #210 & #211 : Widgets edit now using action_gatekeeper
comment:9 Changed 5 years ago by marcus
(In [svn:1828]) Refs #210 & #211 : Updated comments form
comment:10 Changed 5 years ago by marcus
(In [svn:1839]) Refs #210 & #211: Friends form moved to action_gatekeeper code.
comment:11 Changed 5 years ago by marcus
- Resolution set to fixed
- Status changed from new to closed
Note: See
TracTickets for help on using
tickets.
(In [svn:1731]) Refs #210 and #211