Task #56356
Epic #55070: Workpackages
Epic #55066: WP: Security enhancements
Story #56052: Implement CSRF Protection for ajax.php
Protect core Ajax calls against CSRF
Status: | Resolved | Start date: | 2014-02-26 | |
---|---|---|---|---|
Priority: | Should have | Due date: | ||
Assigned To: | - | % Done: | 100% |
|
Category: | - | Spent time: | - | |
Target version: | - | |||
TYPO3 Version: | 6.2 | Complexity: | ||
PHP Version: | Sprint Focus: |
Description
The backend ajax handler that are directly registered
in DefaultConfiguration.php should be CSRF protected
if necessary.
Related issues
Associated revisions
[SECURITY] Protect core Ajax calls against CSRF
The backend ajax handler that are directly registered
in DefaultConfiguration.php are now CSRF protected
if necessary.
Resolves: #56356
Releases: 6.2
Change-Id: Ia592f7f2b51c20326600b97d2ce10a5e5fdbfde7
Reviewed-on: https://review.typo3.org/27877
Reviewed-by: Wouter Wolters
Tested-by: Wouter Wolters
Reviewed-by: Markus Klein
Tested-by: Markus Klein
History
#1 Updated by Gerrit Code Review over 1 year ago
- Status changed from New to Under Review
Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27877
#2 Updated by Helmut Hummel over 1 year ago
- Parent task set to #56052
#3 Updated by Gerrit Code Review over 1 year ago
Patch set 2 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27877
#4 Updated by Gerrit Code Review over 1 year ago
Patch set 3 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27877
#5 Updated by Gerrit Code Review over 1 year ago
Patch set 4 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/27877
#6 Updated by Helmut Hummel over 1 year ago
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
Applied in changeset 715e61b279846e9eb69e0deafaeef9f9869fb24a.