[!!!][SECURITY] Remove old backend_layout wizard 21/28121/2
authorWouter Wolters <typo3@wouterwolters.nl>
Thu, 6 Mar 2014 20:44:02 +0000 (21:44 +0100)
committerHelmut Hummel <helmut.hummel@typo3.org>
Thu, 6 Mar 2014 22:19:17 +0000 (23:19 +0100)
commita783822fd3fb99f593c78a3a0d6a7267ba3b36b5
tree675c6eb84de780f2bda65198bca1da69a8b7f226
parent816f8af1cd41444296b37e2ceda3e57a9adf96eb
[!!!][SECURITY] Remove old backend_layout wizard

Keeping the old wizard script would not solve
the CSRF attack vector as they could still
be referenced in this kind of attack.

Because of that, we remove it now.

This change provides a backwards compatibility layer.

It will however break code which link to the
old scripts directly in other places.

Resolves: #56625
Releases: 6.2
Change-Id: I07577dca0e16cf095e114799ace4a6e344ad5aa3
Reviewed-on: https://review.typo3.org/28121
Reviewed-by: Markus Klein
Tested-by: Markus Klein
Reviewed-by: Helmut Hummel
Tested-by: Helmut Hummel
typo3/sysext/backend/Classes/Form/FormEngine.php
typo3/sysext/cms/layout/wizard_backend_layout.php [deleted file]