We have moved to Github. Please open tickets there.

Opened 4 years ago

Closed 3 years ago

#750 closed Enhancement (fixed)

CSRF: Enforce action token

Reported by: marcus Owned by:
Priority: high Milestone:
Component: Core Version: 1.2
Severity: major Keywords:
Cc: brettp Difficulty:

Change History (3)

comment:1 Changed 4 years ago by marcus

  • Priority changed from minor to major

comment:2 Changed 4 years ago by marcus

Problem with this is that there are situations (long bp and comments) where a time limited form does not make sense.

comment:3 Changed 3 years ago by brettp

  • Resolution set to fixed
  • Status changed from new to closed

(In [svn:3821]) Fixes #750: All actions require elgg_ts and elgg_token.

Note: See TracTickets for help on using tickets.