Bug #30436
Access denied exception after session timeout with CSRF
100%
Description
An access of a CSRF protected action with an invalidated session throws an Exception (e.g. \TYPO3\FLOW3\Security\Exception\AccessDeniedException
). This exception cannot be catched in any way. Also a reauthentication using an entry point is not possible right now.
Updated by Mr. Hudson over 9 years ago
- Status changed from New to Under Review
Patch set 1 of change If2c9c6386a2ee26195073a359dcf87db515d1dc0 has been pushed to the review server.
It is available at http://review.typo3.org/5444
Updated by Mr. Hudson over 9 years ago
Patch set 2 of change If2c9c6386a2ee26195073a359dcf87db515d1dc0 has been pushed to the review server.
It is available at http://review.typo3.org/5444
Updated by Mr. Hudson over 9 years ago
Patch set 3 of change If2c9c6386a2ee26195073a359dcf87db515d1dc0 has been pushed to the review server.
It is available at http://review.typo3.org/5444
Updated by Mr. Hudson over 9 years ago
Patch set 4 of change If2c9c6386a2ee26195073a359dcf87db515d1dc0 has been pushed to the review server.
It is available at http://review.typo3.org/5444
Updated by Christopher Hlubek over 9 years ago
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
Applied in changeset 0edbd68a074a248a8ddd4b023002a7a51e98ca48.