search

tingobol / yii-rights

Automatically exported from code.google.com/p/yii-rights
BSD 3-Clause "New" or "Revised" License
0 stars 0 forks source link

CSRF-Token not validated in ajax #11

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
What steps will reproduce the problem?
1. Enable the csrfValidation in main config
2. In permissions, click on assign
3. Check firebug's Net-tab.

What is the expected output? What do you see instead?
The expected result is that the assign-text changes to revoke.

What version of the product are you using? On what operating system?
Operation system Windows 7, Firefox 3.6.8, Newest version.

Please provide any additional information below.
You can check for the csrf-validation code in the CGridview->delete button.

Original issue reported on code.google.com by kenneth....@gmail.com on 27 Aug 2010 at 1:13

GoogleCodeExporter commented 9 years ago

Original comment by cni...@live.com on 27 Aug 2010 at 11:32

GoogleCodeExporter commented 9 years ago 
I'm going to have to look into this when I have time.

Original comment by cni...@live.com on 28 Aug 2010 at 8:53

GoogleCodeExporter commented 9 years ago 
This has been fixed and will be available in the next version.

Original comment by cni...@live.com on 28 Aug 2010 at 12:30

GoogleCodeExporter commented 9 years ago

Original comment by cni...@live.com on 5 Sep 2010 at 7:18