Skip to content
  • Alexander Schnitzler's avatar
    [!!!][SECURITY] Add CSRF Protection for tce_file.php · 75281c9c
    Alexander Schnitzler authored
    Add a token check in tce_file.php and token generation
    everywhere forms for or links to tce_file.php are created.
    Additionaly make sure, an instance of ExtendedFileUtility
    is created in FileController on initialization to prevent
    a fatal "Call to a member function on a non-object" error
    in FileController::finish.
    Releases: 6.2
    Resolves: #55515
    Change-Id: Ifd585661ac2cac6c88eaca5ad63b447d27e35395
    Reviewed-by: Helmut Hummel
    Tested-by: Helmut Hummel