tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00
Code Issues Projects Releases Wiki Activity

MINOR: change the ugly user-facing CSRF message to more friendly

Browse Source 
User does not necessarily knows what CSRF is, and tends to get scared by
this, thinking he has abused something. On the other hand users tend to
know what session expiry means.
This commit is contained in:
Mateusz Uzdowski 2012-04-26 13:55:24 +12:00
parent 869bab2230
commit b561786825
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
forms/Form.php
View File

@ -240,7 +240,7 @@ class Form extends RequestHandler {
// Protection against CSRF attacks // Protection against CSRF attacks
$token = $this->getSecurityToken(); $token = $this->getSecurityToken();
if(!$token->checkRequest($request)) { if(!$token->checkRequest($request)) {
$this->httpError(400, "Security token doesn't match, possible CSRF attack."); $this->httpError(400, "Sorry, your session has timed out.");
} }
// Determine the action button clicked // Determine the action button clicked