tonyair/silverstripe-reports
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-reports synced 2024-10-22 11:05:53 +02:00
Code Issues Projects Releases Wiki Activity

#941 - Security flaw: SS prone to CSRF attack

Browse Source 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/trunk@43901 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
Andrew O'Neil 2007-10-28 21:44:38 +00:00
parent 1e4c2a5caf
commit 7d2e079fd4
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
javascript/CommentTableField.js
View File

@ -121,7 +121,7 @@ CommentFilterButton.prototype = {
updateURL += this.inputFields[index].name + '=' + encodeURIComponent( this.inputFields[index].value ) + '&';
}
}
updateURL += 'ajax=1';
updateURL += 'ajax=1' + ($('SecurityID') ? '&SecurityID=' + $('SecurityID').value : '');
new Ajax.Request( updateURL, {
onSuccess: Ajax.Evaluator,

2
javascript/MemberTableField.js
View File

@ -254,7 +254,7 @@ MemberFilterButton.prototype = {
updateURL += this.inputFields[index].name + '=' + encodeURIComponent( this.inputFields[index].value ) + '&';
}
}
updateURL += 'ajax=1';
updateURL += 'ajax=1' + ($('SecurityID') ? '&SecurityID=' + $('SecurityID').value : '');
new Ajax.Request( updateURL, {
onSuccess: Ajax.Evaluator,