[TYPO3-core] RFC: #17383: Open forms cannot be saved after "Relogin" (Security Token errors)

Helmut Hummel helmut.hummel at typo3.org
Sun Jan 30 16:15:25 CET 2011


Hi,

this is a SVN patch request.

Type: Bugfix

Bugreacker reference: http://bugs.typo3.org/view.php?id=17383

Branches: trunk, 4-5

Problem:
If you have an open form (e.g. editing a content element) and you leave
your browser unattended until "session expires", you can relogin with
the popup window (or the JS overlay).

After this relogin, if you try to save your work, you will get security
token errors.

Additionally the clear cache menu actions need new tokens.

Solution:
Go through the DOM and replace the old tokens with newly generated ones.

Note: This patch also includes the fix for #17378

Kind regards,
Helmut

-- 
Helmut Hummel
TYPO3 Security Team Leader

TYPO3 .... inspiring people to share!
Get involved: typo3.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 17383.diff
Type: text/x-patch
Size: 5446 bytes
Desc: not available
URL: <http://lists.typo3.org/pipermail/typo3-team-core/attachments/20110130/c1da670d/attachment.bin>


More information about the TYPO3-team-core mailing list