Don't check for CSRF attacks when no user is logged in FS#1619 - dokuwiki - The DokuWiki Open Source Wiki Engine

index : dokuwiki

The DokuWiki Open Source Wiki Engine

Aslak Raanes

about summary refs log tree commit diff stats homepage

path: root/lib/scripts/toolbar.js

diff options

author	Andreas Gohr <andi@splitbrain.org>	2009-05-27 13:22:43 +0200
committer	Andreas Gohr <andi@splitbrain.org>	2009-05-27 13:22:43 +0200
commit	df97eaac223e8e3c1cbd6f1474bc72a9ace9d51e (patch)
tree	658ddff26a3b906b20d342e2729b5d8666ca0bf2 /lib/scripts/toolbar.js
parent	a3a8a0291c95b59fcf8b0f38a9ce348f222d0251 (diff)
download	dokuwiki-df97eaac223e8e3c1cbd6f1474bc72a9ace9d51e.tar.gz dokuwiki-df97eaac223e8e3c1cbd6f1474bc72a9ace9d51e.zip

Don't check for CSRF attacks when no user is logged in FS#1619

Ignore-this: 3ef4fafa34a7bbba76435b5db6935b57 There is no need to fight against a privilege stealing attack when the attacked user has no privileges. Skipping the check reenables editing without cookies again. darcs-hash:20090527112243-7ad00-c1acd3161ececf3d922d5842033cb7d3f1910a16.gz

Diffstat (limited to 'lib/scripts/toolbar.js')

0 files changed, 0 insertions, 0 deletions