6.0.0-beta13
▾
Tasks
New Task
Search
Photos
Wiki
▾
Tickets
New Ticket
Search
dev.horde.org
Toggle Alerts Log
Help
4/11/26
H
istory
A
ttachments
C
omment
W
atch
Download
Comment on [#11538] Embedding calendars broken
*
Your Email Address
*
Spam protection
Enter the letters below:
._.. ..___.. .. . | |__| | |\/|| | _|_| | | | ||/\|
Comment
> Changes have been made in Git (master): > > commit 2884204d9b175d8729c1e662ba53cbeb9c03e7e6 > Author: Michael M Slusarz <slusarz@horde.org> > Date: Thu Mar 28 11:58:10 2013 -0600 > > [mms] SECURITY: Fix token validation of AJAX actions. > > Mea culpa. This commit broke things: > > commit 83dcfa1448ba2b142623839aee78a2160eb25cb0 > Author: Michael M Slusarz <slusarz@horde.org> > Date: Wed Oct 17 13:27:10 2012 -0600 > > [mms] Allow AJAX handler methods to be marked externally accessible > (i.e. no session token checking) (Bug #11538). > > This commit failed to extend the injector to pass the token argument to > the AJAX Application handler. Although we should always do this check, > regardless of whether the token is empty anyway. > > framework/Core/lib/Horde/Core/Ajax/Application.php | 5 ++--- > framework/Core/lib/Horde/Core/Factory/Ajax.php | 5 +++-- > framework/Core/package.xml | 2 ++ > 3 files changed, 7 insertions(+), 5 deletions(-) > > http://git.horde.org/horde-git/-/commit/2884204d9b175d8729c1e662ba53cbeb9c03e7e6
Attachment
Watch this ticket
N
ew Ticket
M
y Tickets
S
earch
Q
uery Builder
R
eports
Saved Queries
Open Bugs
Bugs waiting for Feedback
Open Bugs in Releases
Open Enhancements
Enhancements waiting for Feedback
Bugs with Patches
Enhancements with Patches
Release Showstoppers
Stalled Tickets
New Tickets
Horde 5 Showstoppers