[TYPO3-core] RFC: #17189: CSRF protection in Template module

Georg Ringer mail at ringerge.org
Fri Jan 21 11:50:46 CET 2011


Hi,

This is an SVN patch request

Type: Bugfix

Bugtracker reference: http://bugs.typo3.org/view.php?id=17189

Branches: trunk

Problem:
The template module doesn't currently use the new CSRF protection

Solution:
CSRF protection for the constant editor, info module and object browser

How To Test:
Check all 3 submodules if they work

Additional information:
There is an additional call to sql_free_result added in
tstemplate/ts/index.php, hope you don't mind

Georg
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: 17189-csrf-template.patch
URL: <http://lists.typo3.org/pipermail/typo3-team-core/attachments/20110121/bc4c49c3/attachment.asc>


More information about the TYPO3-team-core mailing list