Foswiki on GitHub is open for business! Next release meeting: Monday September 15, 1300Z

Item10989: Cannot confirm validation request of CSRF protection if validation method is 'embedded' - no buttons displayed

Priority: CurrentState: AppliesTo: Component: WaitingFor:
Urgent Closed Engine    
If the validation method is embedded, that is, $Foswiki::cfg{Validation}{Method} = 'embedded' in LocalSite.cfg, and you issue an suspicious change request, you cannot confirm this request. You see the validation page, but the buttons (OK and Cancel) are not displayed.

The page is rendered according to the template templates/validate.tmpl. It includes the buttons but hides them using style="display:none". Looks like the class s1js_available provides some magic to display them if you are using the validation method onestrike and the browser has javascript enabled, but nothing is displayed in case of embedded.

-- KerstinPuschke - 19 Jul 2011

lets call this urgent!

-- SvenDowideit - 20 Jul 2011

Agree

-- KennethLavrsen - 30 Jul 2011

When you agree, could you please flip this to "Confirmed" so it doesn't have to be analysed again, thanks.

The problem is simply the template; it was a rush job after another fix and I never went back to restore the "embedded" capability.

-- CrawfordCurrie - 28 Aug 2011

 

ItemTemplate edit

Summary Cannot confirm validation request of CSRF protection if validation method is 'embedded' - no buttons displayed
ReportedBy KerstinPuschke
Codebase 1.1.3, trunk
SVN Range
AppliesTo Engine
Component
Priority Urgent
CurrentState Closed
WaitingFor
Checkins Foswikirev:12400 Foswikirev:12401
TargetRelease patch
ReleasedIn 1.1.4
Topic revision: r7 - 17 Dec 2011, GeorgeClark
 
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. see CopyrightStatement. Creative Commons License