Foswiki General Assembly will be held on 28th November 2019, 1200 UTC on Freenode IRC channel #foswiki-association. See AgendaTenthGeneralAssembly
You are here: Foswiki>Tasks Web>Item10989 (17 Dec 2011, GeorgeClark)Edit Attach

Item10989: Cannot confirm validation request of CSRF protection if validation method is 'embedded' - no buttons displayed

Priority: Urgent
Current State: Closed
Released In: 1.1.4
Target Release: patch
Applies To: Engine
Reported By: KerstinPuschke
Waiting For:
Last Change By: GeorgeClark
If the validation method is embedded, that is, $Foswiki::cfg{Validation}{Method} = 'embedded' in LocalSite.cfg, and you issue an suspicious change request, you cannot confirm this request. You see the validation page, but the buttons (OK and Cancel) are not displayed.

The page is rendered according to the template templates/validate.tmpl. It includes the buttons but hides them using style="display:none". Looks like the class s1js_available provides some magic to display them if you are using the validation method onestrike and the browser has javascript enabled, but nothing is displayed in case of embedded.

-- KerstinPuschke - 19 Jul 2011

lets call this urgent!

-- SvenDowideit - 20 Jul 2011


-- KennethLavrsen - 30 Jul 2011

When you agree, could you please flip this to "Confirmed" so it doesn't have to be analysed again, thanks.

The problem is simply the template; it was a rush job after another fix and I never went back to restore the "embedded" capability.

-- CrawfordCurrie - 28 Aug 2011


ItemTemplate edit

Summary Cannot confirm validation request of CSRF protection if validation method is 'embedded' - no buttons displayed
ReportedBy KerstinPuschke
Codebase 1.1.3, trunk
SVN Range
AppliesTo Engine
Priority Urgent
CurrentState Closed
Checkins distro:920bae0169fb distro:c80f3b6fe9b1
TargetRelease patch
ReleasedIn 1.1.4
Topic revision: r7 - 17 Dec 2011, GeorgeClark - This page was cached on 13 Nov 2019 - 20:18.

The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License    Legal Imprint    Privacy Policy