mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 14:05:37 +02:00
Merge remote-tracking branch 'security/patch/3.1/ss-2015-029' into 3.1.19
This commit is contained in:
commit
47c3165aa3
@ -1046,6 +1046,9 @@ class LeftAndMain extends Controller implements PermissionProvider {
|
||||
* @return SS_HTTPResponse JSON string with a
|
||||
*/
|
||||
public function savetreenode($request) {
|
||||
if (!SecurityToken::inst()->checkRequest($request)) {
|
||||
return $this->httpError(400);
|
||||
}
|
||||
if (!Permission::check('SITETREE_REORGANISE') && !Permission::check('ADMIN')) {
|
||||
$this->response->setStatusCode(
|
||||
403,
|
||||
|
@ -97,7 +97,10 @@
|
||||
});
|
||||
|
||||
$.ajax({
|
||||
'url': self.data('urlSavetreenode'),
|
||||
'url': $.path.addSearchParams(
|
||||
self.data('urlSavetreenode'),
|
||||
self.data('extraParams')
|
||||
),
|
||||
'type': 'POST',
|
||||
'data': {
|
||||
ID: nodeID,
|
||||
|
Loading…
Reference in New Issue
Block a user