include/class_CSRFProtection.inc · fcfcea497344c53a290cde013cf5afcdccd7d86a · fusiondirectory / fusiondirectory

Merge branch '5840-security-vulnerability-cross-site-request-forgery' into '1.3-dev' · 62ffce88

Côme Chilliet authored Jun 04, 2018

Resolve "Security Vulnerability: Cross Site Request Forgery"

See merge request fusiondirectory/fd!280

(cherry picked from commit 5edd2e32)

d8dbd130 :sparkels: feat(core) Add CSRF protection token
6e31f486 ✨ feat(core) Reject CSRF based on HEADER values
d9089973 🚑 fix(core) Remove useless line in CSRFProtection
3b51b48c 🚑 fix(core) Use FusionDirectoryException instead of Exception
1ac4c8b5 🚑 fix(core) sonar fix

62ffce88