Project

General

Profile

Actions

Feature #24099

closed

Use the form protection API to implement the CSRF protection (1)

Added by Helmut Hummel about 14 years ago. Updated over 13 years ago.

Status:
Closed
Priority:
Should have
Category:
-
Target version:
-
Start date:
2010-11-17
Due date:
% Done:

0%

Estimated time:
PHP Version:
Tags:
Complexity:
Sprint Focus:

Description

The form protection API introduced in #24097 should be used to secure the backend and the install tool against CSRF attacks.

Note:
This is a first version of the implementation, which currently only secures the user setup and the install tool. More will come in the next beta

(issue imported from #M16439)


Related issues 2 (0 open2 closed)

Related to TYPO3 Core - Bug #24097: Introduce a form protection APIClosedErnesto Baschny2010-11-17

Actions
Related to TYPO3 Core - Bug #24671: Protect C(R)UD actions against CSRFClosedErnesto Baschny2011-01-20

Actions
Actions

Also available in: Atom PDF