tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-06-26 06:29:24 +02:00
Code Issues Projects Releases Wiki Activity

ENHANCEMENT Add config var to skip confirm logout (#7977)

Browse Source
This commit is contained in:
Andrew Aitken-Fincham 2018-04-03 22:43:49 +01:00 committed by Damian Mooyman
parent e3b9fb3036
commit 47bcac930d
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/Security/MemberAuthenticator/LogoutHandler.php
View File

@ -37,6 +37,11 @@ class LogoutHandler extends RequestHandler
'LogoutForm'
];
/**
* @config
* @var bool
*/
private static $confirm_logout = true;
/**
* Log out form handler method
@ -54,7 +59,7 @@ class LogoutHandler extends RequestHandler
// If the user doesn't have a security token, show them a form where they can get one.
// This protects against nuisance CSRF attacks to log out users.
if ($member && !SecurityToken::inst()->checkRequest($this->getRequest())) {
if ($member && self::config()->get('confirm_logout') && !SecurityToken::inst()->checkRequest($this->getRequest())) {
Security::singleton()->setSessionMessage(
_t(
'SilverStripe\\Security\\Security.CONFIRMLOGOUT',