Protect C(R)UD actions against CSRF
We have a form protection framework, but currently it is only used to protect the user setup.
Implement it for all actions where data is created, updated or deleted.
The protection (check) has been implemented in the following places:
- alt_doc.php (which is the main editing frame if you open a record)
- tce_db.php (script the renders nothing, but accepts parameters and hands them over to TCEmain
- extDirect router (This affects all Ext modules doing CRUD actions)
Please test as much as you can, including the following:
clear cache menu
page module (save/ delete/ move records)
all context menus (not new pagetree)
alt_doc.php (save/ delete/ move records)
taskcenter search (sql query)
Please report if something does not work any more after applying this patch especially if you get a flash message stating "Validating the security token of this form has failed. Please reload the form and submit it again."
Some things are not optimal (like updating the token for the clear cache menu, or the ExtDirect only using one single token until the page is reloaded), but still it is better (more secure) than before.Also things are missing:
- IRRE needs to be checked and secured
- file operations need to be secured
I will work on the missing things tomorrow and submit another RFC
(issue imported from #M17153)