Item9273 < Tasks

NOTE: If you are a developer, please use a private wiki based on foswiki/trunk on a daily base ...or use trunk.foswiki.org to view this page for some minimal testing.
Use Item9693 for docu changes for 1.2 and 2.0.

You are here: Foswiki>Tasks Web>Item9273 (revision 2) (raw view)

Foswiki asks for confirmation of a suspicious request (i.e. a CSRF confirmation) if I save after not-changing the form.

To reproduce:
   1 Click "Edit" (or "Raw Edit", or "Wiki Text")
   1 Click "Replace form..."
   1 Click "Go back" on the form (not on the browser)
   1 Click "Save"

If I try this with the WYSIWYG editor on Trunk, then I get a 500 error. "There was a problem retrieving http://trunk.foswiki.org/bin/rest/WysiwygPlugin/tml2html: GENERAL 500" appears in the edit box. (It is now 7 July 2010 16:24 UTC, if you want to check the logs.) I didn't click save when I tried this on trunk because I didn't want to kill my topic.

I see this on 1.0.9 (raw edit and WYSIWYG) and trunk (wiki text).

-- Main.MichaelTempest - 07 Jul 2010

It works fine for me on trunk, but there have been so many changes since 1.0.9 that I'm just going to ignore this, sorry. Please re-open if you can reproduce on latest code.

-- Main.CrawfordCurrie - 13 Oct 2011

%COMMENT%

ItemTemplate edit

Summary	Changing Form triggers CSRF confirmation
ReportedBy	MichaelTempest
Codebase	1.0.9, trunk
SVN Range
AppliesTo	Engine
Component
Priority	Normal
CurrentState	No Action Required
WaitingFor
Checkins
TargetRelease	n/a
ReleasedIn	n/a

Topic revision: r2 - 13 Oct 2011, CrawfordCurrie

Tasks

Submit and Query

Create Task

Developer Tasks

Non Developer Tasks

Developer Tools

Tools

The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. see CopyrightStatement.