adulau/cakephp2-php8
1
0
Fork 0
mirror of https://github.com/kamilwylegala/cakephp2-php8.git synced 2024-11-15 03:18:26 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
cakephp2-php8/lib/Cake/View
History
mark_story f23d811ff5 Use the form action URL in generated form hashes. 
By including the URL in generated hash for secured forms we prevent
a class of abuse where a user uses one secured form to post into a
controller action the form was not originally intended for. These cross
action requests could potentially violate developer's mental model of
how SecurityComponent works and produce unexpected/undesirable outcomes.

Thanks to Kurita Takashi for pointing this issue out, and suggesting
a fix.
2014-04-25 22:05:58 -04:00
..
Elements Removed "PHP 5" from file header DocBlocks 2013-11-13 22:58:39 +01:00
Errors Removed "PHP 5" from file header DocBlocks 2013-11-13 22:58:39 +01:00
Helper Use the form action URL in generated form hashes. 2014-04-25 22:05:58 -04:00
Scaffolds Removed "PHP 5" from file header DocBlocks 2013-11-13 22:58:39 +01:00
Helper.php Collision free approach to resolve the DOM ID issue in a clean way. Fix to generation of ids for multiple checkboxes. Resolves ticket 4064. 2013-12-04 01:30:57 +01:00
HelperCollection.php remove undocumented code and uncessary in_array() checks + cleanup 2013-08-08 03:56:58 +02:00
JsonView.php Updated doc block for JsonView's subDir property 2013-09-17 20:25:32 -04:00
MediaView.php Don't return true from view classes' render() method. 2014-02-06 03:06:00 +05:30
ScaffoldView.php Removed "PHP 5" from file header DocBlocks 2013-11-13 22:58:39 +01:00
ThemeView.php Removed "PHP 5" from file header DocBlocks 2013-11-13 22:58:39 +01:00
View.php Fix ApiGen errors 2014-02-07 18:29:54 -02:00
ViewBlock.php Fix ApiGen errors 2014-02-07 18:29:54 -02:00
XmlView.php Don't load Helpers in dataviews when _serialize is set. 2013-08-28 15:47:44 -04:00