« Previous | Next » 

Revision 797fcc64

ID797fcc64b3a491861b7bdc0b732788a66229cd55

Added by Bastian Waidelich over 10 years ago

[+BUGFIX] Fix CSRF protection for camelCased actions

The FLOW3-CSRF-TOKEN is not attached to links pointing to
actions that contain upper case letters.
The solution is to store and compare all resources lowercased.

Change-Id: Ibae8ad81a7839c983b64bad86a8631c0176c59b1
Fixes: #25859

  • added
  • modified
  • copied
  • renamed
  • deleted