Bug #36035

CSRF protection prevents the triggering of authentication entry points in some cases

Added by Andreas Förthner almost 9 years ago. Updated almost 9 years ago.

Status:
Resolved
Priority:
Should have
Category:
Security
Start date:
2012-04-14
Due date:
% Done:

100%

Estimated time:
PHP Version:
Has patch:
No
Complexity:

Description

As CSRF protection is not needed when nobody is logged in, we can completely skip this feature then. This makes sure, that authentication entry points are triggered in any case correctly.

#1

Updated by Gerrit Code Review almost 9 years ago

  • Status changed from New to Under Review

Patch set 1 for branch master has been pushed to the review server.
It is available at http://review.typo3.org/10463

#2

Updated by Andreas Förthner almost 9 years ago

  • Status changed from Under Review to Resolved
  • % Done changed from 0 to 100

Also available in: Atom PDF