NOTE: If you are a developer, please use a private wiki based on foswiki/trunk on a daily base ...or use trunk.foswiki.org to view this page for some minimal testing.
Use Item9693 for docu changes for 1.2 and 2.0.
You are here: Foswiki>Tasks Web>Item10989 (17 Dec 2011, GeorgeClark) Edit this topic text (e) Attach an image or document to this topic; manage existing attachments (a) View sequential topic history View without formatting (v) Create new topic Printable version of this topic (p) More: delete or rename this topic; set parent topic; view and compare revisions (m)

Item10989: Cannot confirm validation request of CSRF protection if validation method is 'embedded' - no buttons displayed

Priority: CurrentState: AppliesTo: Component: WaitingFor:
Urgent Closed Engine    
If the validation method is embedded, that is, $Foswiki::cfg{Validation}{Method} = 'embedded' in LocalSite.cfg, and you issue an suspicious change request, you cannot confirm this request. You see the validation page, but the buttons (OK and Cancel) are not displayed.

The page is rendered according to the template templates/validate.tmpl. It includes the buttons but hides them using style="display:none". Looks like the class s1js_available provides some magic to display them if you are using the validation method onestrike and the browser has javascript enabled, but nothing is displayed in case of embedded.

-- KerstinPuschke - 19 Jul 2011

lets call this urgent!

-- SvenDowideit - 20 Jul 2011

Agree

-- KennethLavrsen - 30 Jul 2011

When you agree, could you please flip this to "Confirmed" so it doesn't have to be analysed again, thanks.

The problem is simply the template; it was a rush job after another fix and I never went back to restore the "embedded" capability.

-- CrawfordCurrie - 28 Aug 2011

 

ItemTemplate edit

Summary Cannot confirm validation request of CSRF protection if validation method is 'embedded' - no buttons displayed
ReportedBy KerstinPuschke
Codebase 1.1.3, trunk
SVN Range
AppliesTo Engine
Component
Priority Urgent
CurrentState Closed
WaitingFor
Checkins Foswikirev:12400 Foswikirev:12401
TargetRelease patch
ReleasedIn 1.1.4
Edit | Attach | Print version | History: r7 < r6 < r5 < r4 | Backlinks | View wiki text | Edit wiki text | More topic actions
Topic revision: r7 - 17 Dec 2011, GeorgeClark
 
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. see CopyrightStatement. Creative Commons LicenseGet Foswiki at sourceforge.net. Fast, secure and Free Open Source software downloads