tonydspaniard
commented
7 years ago Thanks @techie42 !
Closed techie42 closed 7 years ago
tonydspaniard
commented
7 years ago Thanks @techie42 !
techie42
commented
7 years ago No problem ... keep up the good work :) Many thanks.
The CKEditor file browser can open different dialogs depending on whether a generic file browse / upload function is required or a specific image browse / upload function. The original code is configured to only include the CSRF code if the generic file upload 'filebrowserUploadUrl' option is provided. However, it is possible for someone to specifically use the 'filebrowserImageUploadUrl' option without the other one; this results in the CSRF code not being registered. By checking for either option being defined, the CSRF code is always included when at least one of the options is required.