[TYPO3-core] RFC: #17289: Form protection tokens get lost because of a race condition when persisting tokens
Helmut Hummel
helmut.hummel at typo3.org
Tue Jan 25 10:58:08 CET 2011
Hi,
On 25.01.11 10:44, Helmut Hummel wrote:
>
> How to test:
> * Apply the test patch
> * Reload the backend
> * Go to file list module and wait until both frames loaded
> * hover over the help icon in navigation frame
The testing patch contains the fix (locking) already.
If the original problem does not happen to you, you can apply the
testing patch and simply comment out locking:
//$lockObject = $this->acquireLock();
right before:
$this->updateTokens();
Kind regards,
Helmut
--
Helmut Hummel
TYPO3 Security Team Leader
TYPO3 .... inspiring people to share!
Get involved: typo3.org
More information about the TYPO3-team-core
mailing list