adulau/cakephp2-php8
1
0
Fork 0
mirror of https://github.com/kamilwylegala/cakephp2-php8.git synced 2025-01-19 11:06:15 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
cakephp2-php8/lib/Cake/Test/Case/Controller
History
mark_story f23d811ff5 Use the form action URL in generated form hashes. 
By including the URL in generated hash for secured forms we prevent
a class of abuse where a user uses one secured form to post into a
controller action the form was not originally intended for. These cross
action requests could potentially violate developer's mental model of
how SecurityComponent works and produce unexpected/undesirable outcomes.

Thanks to Kurita Takashi for pointing this issue out, and suggesting
a fix.
2014-04-25 22:05:58 -04:00
..
Component Use the form action URL in generated form hashes. 2014-04-25 22:05:58 -04:00
ComponentCollectionTest.php Removed "PHP 5" from file header DocBlocks 2013-11-13 22:58:39 +01:00
ComponentTest.php Removed "PHP 5" from file header DocBlocks 2013-11-13 22:58:39 +01:00
ControllerMergeVarsTest.php Remove dead and unused code. 2014-02-11 16:38:24 -05:00
ControllerTest.php Replaced true asserations with instanceOf asserations in test cases 2013-09-24 22:10:36 -04:00
PagesControllerTest.php Removed "PHP 5" from file header DocBlocks 2013-11-13 22:58:39 +01:00
ScaffoldTest.php more missing doc block tags added 2014-04-02 03:02:37 +02:00