Allow Form->forTemplate() URL access (fixes #788)

Need to specifically whitelist URL-accessible actions now.
Used in "Insert Link" form in HtmlEditorField.
Regression from 1edf45fbed
This commit is contained in:
Ingo Schommer 2013-06-25 16:33:00 +02:00
parent 83726b21a2
commit 09b31c642f

View File

@ -149,7 +149,11 @@ class Form extends RequestHandler {
*/
protected $attributes = array();
private static $allowed_actions = array('handleField', 'httpSubmission');
private static $allowed_actions = array(
'handleField',
'httpSubmission',
'forTemplate',
);
/**
* Create a new form, with the given fields an action buttons.
@ -210,7 +214,7 @@ class Form extends RequestHandler {
'GET ' => 'httpSubmission',
'HEAD ' => 'httpSubmission',
);
/**
* Set up current form errors in session to
* the current form if appropriate.