« Previous | Next » 

Revision 797fcc64


Added by Bastian Waidelich over 10 years ago

[+BUGFIX] Fix CSRF protection for camelCased actions

The FLOW3-CSRF-TOKEN is not attached to links pointing to
actions that contain upper case letters.
The solution is to store and compare all resources lowercased.

Change-Id: Ibae8ad81a7839c983b64bad86a8631c0176c59b1
Fixes: #25859

  • added
  • modified
  • copied
  • renamed
  • deleted