6.0.0-beta1
▾
Tasks
New Task
Search
Photos
Wiki
▾
Tickets
New Ticket
Search
dev.horde.org
Toggle Alerts Log
Help
11/28/25
H
istory
A
ttachments
C
omment
W
atch
Download
Comment on [#5307] Upgrade Prototype to 1.5.1_rc3 and make use of CSRF protection
*
Your Email Address
*
Spam protection
Enter the letters below:
.__..___..___..__..__. [__] | | [__]| | | | | | | ||__|
Comment
>> Horde_Tree at least, and yes Ansel. > > > > But we are not returning JSON code from a script in these instances - > we seem to simply be using JSON as a shorthand to serialize objects > in the javascript code we output. As far as I can tell, this is not > the security issue the commenting is meant to avoid - only the case > where we are directly returning JSON from an open XmlHttpRequest > channel. Or maybe I am wrong.
Attachment
Watch this ticket
N
ew Ticket
M
y Tickets
S
earch
Q
uery Builder
R
eports
Saved Queries
Open Bugs
Bugs waiting for Feedback
Open Bugs in Releases
Open Enhancements
Enhancements waiting for Feedback
Bugs with Patches
Enhancements with Patches
Release Showstoppers
Stalled Tickets
New Tickets
Horde 5 Showstoppers