Task #56345

Epic #55070: Workpackages

Epic #55066: WP: Security enhancements

Story #56052: Implement CSRF Protection for ajax.php

Add API to CSRF protect Ajax calls in Backend

Added by Helmut Hummel about 7 years ago. Updated over 2 years ago.

Status:
Closed
Priority:
Should have
Assignee:
-
Category:
-
Target version:
-
Start date:
2014-02-26
Due date:
% Done:

100%

Estimated time:
TYPO3 Version:
6.2
PHP Version:
Tags:
Complexity:
Sprint Focus:

Description

This change adds API to register Ajax ids with their handler
and to get an Ajax URL for a specific AjaxID

A token check is added to the ajax.php dispatcher
script. To stay backwards compatible, the token
is only checked, if the AjaxId is registered not
using the new API.

The new API will be used by TYPO3 core in
consecutive changes.

#1

Updated by Gerrit Code Review about 7 years ago

  • Status changed from New to Under Review

Patch set 2 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27873

#2

Updated by Gerrit Code Review about 7 years ago

Patch set 3 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27873

#3

Updated by Gerrit Code Review about 7 years ago

Patch set 4 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27873

#4

Updated by Gerrit Code Review about 7 years ago

Patch set 5 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27873

#5

Updated by Gerrit Code Review about 7 years ago

Patch set 6 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27873

#6

Updated by Gerrit Code Review about 7 years ago

Patch set 7 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27873

#7

Updated by Helmut Hummel about 7 years ago

  • Status changed from Under Review to Resolved
  • % Done changed from 0 to 100
#8

Updated by Benni Mack over 2 years ago

  • Status changed from Resolved to Closed

Also available in: Atom PDF