Bug #24697
closed
CSRF protection in frontend for ExtDirect is missing
0%
Description
Problem:
Currently the CSRF protection for the frontend is missing as we are missing a frontend version of the formprotection class.
Current Solution:
The attached patch fixes this behaviour partly, but you would still require to set the page to no_cache, because the caching of the security token.
(issue imported from #M17183)
Files
Updated by Helmut Hummel almost 14 years ago
This is solve partly by #24805 which disables the protection in frontend automatically.
The rest is postponed for 4.6
Updated by Chris topher about 13 years ago
- Target version changed from 4.6.0 to 4.6.1
Updated by Chris topher almost 13 years ago
- Target version changed from 4.6.1 to 4.6.2
Updated by Xavier Perseguers almost 13 years ago
- Category deleted (
Communication) - Assignee deleted (
Helmut Hummel) - Target version deleted (
4.6.2)
Updated by Alexander Opitz almost 10 years ago
- Status changed from Accepted to Needs Feedback
- Is Regression set to No
Hi,
does the problem still exists within newer versions of TYPO3 CMS (6.2.9)?
Updated by Alexander Opitz over 9 years ago
- Status changed from Needs Feedback to Closed
No feedback within the last 90 days => closing this issue.
If you think that this is the wrong decision or experience this issue again, then please write to the mailing list typo3.teams.bugs with issue number and an explanation or open a new ticket and add a relation to this ticket number.