Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-69807

Editing a block exposes the CSRF token (sesskey) in the url

    XMLWordPrintable

    Details

      Description

      Just another sesskey which is not needed in the original get, only on the subsequent posts when saving the form.

       

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              pholden Paul Holden
              Reporter:
              brendanheywood Brendan Heywood
              Peer reviewer:
              Brendan Heywood
              Integrator:
              Adrian Greeve
              Tester:
              Janelle Barcega
              Participants:
              Component watchers:
              Adrian Greeve, Jake Dallimore, Mathew May, Mihail Geshoski, Peter Dias
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Fix Release Date:
                9/Nov/20

                  Time Tracking

                  Estimated:
                  Original Estimate - 0 minutes
                  0m
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 1 hour, 50 minutes
                  1h 50m