Skip to content
Snippets Groups Projects
Select Git revision
  • 12.4
  • main default
  • 11.5
  • 13.3
  • l10n_main
  • 13.1
  • 13.0
  • l10n_12.4
  • 10.4
  • 12.1
  • 9.5
  • 11.3
  • master
  • 11.1
  • TYPO3_8-7
  • 10.2
  • 9.3
  • 9.2
  • TYPO3_7-6
  • TYPO3_7-0
  • v13.3.1
  • v12.4.21
  • v11.5.40
  • v13.3.0
  • v12.4.20
  • v12.4.19
  • v12.4.18
  • v11.5.39
  • v12.4.17
  • v13.2.1
  • v13.2.0
  • v12.4.16
  • v11.5.38
  • v13.1.1
  • v12.4.15
  • v11.5.37
  • v13.1.0
  • v12.4.14
  • v12.4.13
  • v12.4.12
40 results
Blame History Permalink
  • Helmut Hummel's avatar
    [FEATURE] Add API to CSRF protect Ajax calls in Backend · 2aa83d39
    Helmut Hummel authored 
    This change adds API to register Ajax ids with
their handler and to get an Ajax URL for
a specific AjaxID.

A token check is added to the ajax.php dispatcher
script. To stay backwards compatible, the token
is only checked, if the AjaxId is registered not
using the new API.

The new API will be used by TYPO3 core in
consecutive changes.

Resolves: #56345
Documentation: #56347
Releases: 6.2
Change-Id: I188a9312b0f4239040e461ba09dc9c8f2b93a68b
Reviewed-on: https://review.typo3.org/27873
Reviewed-by: Wouter Wolters
Reviewed-by: Anja Leichsenring
Tested-by: Anja Leichsenring
Reviewed-by: Markus Klein
Tested-by: Markus Klein
Reviewed-by: Helmut Hummel
Tested-by: Helmut Hummel
    2aa83d39
To find the state of this project's repository at the time of any of these versions, check out the tags.