Which admin actions do not use the CSRF Token Implementation?
Permalink
Is there any (easy) way of finding out which admin actions do not use the CSRF Token Implementation?
The reason I ask is that I need to fix these and I'd rather not trawl through every single possible form to check if I can avoid it
I know that some do (e.g. user management) and some don't (e.g. Backups)
(see my bug report here:http://www.concrete5.org/developers/bugs/5-4-1-1/some-admin-actions... )
The reason I ask is that I need to fix these and I'd rather not trawl through every single possible form to check if I can avoid it
I know that some do (e.g. user management) and some don't (e.g. Backups)
(see my bug report here:http://www.concrete5.org/developers/bugs/5-4-1-1/some-admin-actions... )
Quite easy to work, nice interface and quite powerful!