mirror of
https://github.com/silverstripe/silverstripe-cms
synced 2024-10-22 08:05:56 +02:00
#941 - Security flaw: SS prone to CSRF attack
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/trunk@43901 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
parent
1e4c2a5caf
commit
7d2e079fd4
@ -121,7 +121,7 @@ CommentFilterButton.prototype = {
|
||||
updateURL += this.inputFields[index].name + '=' + encodeURIComponent( this.inputFields[index].value ) + '&';
|
||||
}
|
||||
}
|
||||
updateURL += 'ajax=1';
|
||||
updateURL += 'ajax=1' + ($('SecurityID') ? '&SecurityID=' + $('SecurityID').value : '');
|
||||
|
||||
new Ajax.Request( updateURL, {
|
||||
onSuccess: Ajax.Evaluator,
|
||||
|
@ -254,7 +254,7 @@ MemberFilterButton.prototype = {
|
||||
updateURL += this.inputFields[index].name + '=' + encodeURIComponent( this.inputFields[index].value ) + '&';
|
||||
}
|
||||
}
|
||||
updateURL += 'ajax=1';
|
||||
updateURL += 'ajax=1' + ($('SecurityID') ? '&SecurityID=' + $('SecurityID').value : '');
|
||||
|
||||
new Ajax.Request( updateURL, {
|
||||
onSuccess: Ajax.Evaluator,
|
||||
|
Loading…
Reference in New Issue
Block a user