Skip to content
Snippets Groups Projects
Commit dfab37ac authored by Helmut Hummel's avatar Helmut Hummel
Browse files

[!!!][SECURITY] Remove old wizard scripts

Keeping the old wizard script would not solve
the CSRF attack vector as they could still
be referenced in this kind of attack.

Because of that, we remove them now.

This change provides a backwards compatibility
layer in FormsEngine which takes care of rewriting
URLs which have been referenced in TCA.

Also the priority is changed in code. This means
that extension authors can reference both
configurations to stay compatible with older
TYPO3 versions.

It will however break code which link to the
old scripts directly in other places.

Resolves: #56454
Releases: 6.2
Change-Id: I15f5d929f16fdd53a8b87cd32440a3d6ce59b6ed
Reviewed-on: https://review.typo3.org/27956
Reviewed-by: Wouter Wolters
Tested-by: Wouter Wolters
Reviewed-by: Helmut Hummel
Tested-by: Helmut Hummel
parent 3d4de84e
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment