Closed GoogleCodeExporter closed 9 years ago
For every "edit/delete/insert" action use authorizing token.
Original comment by horak.honza@gmail.com
on 23 Apr 2012 at 7:12
actions protected by csrf protectiou has to call Request::checkCsrf() and
actions where user can click on protected link have to call
Request::reGenerateToken()
Original comment by horak.honza@gmail.com
on 28 Apr 2012 at 12:40
Original issue reported on code.google.com by
horak.honza@gmail.com
on 23 Apr 2012 at 7:07