Discussion tool and CSRF protection

Description

See SAK-20827

The easiest thing may to be just disable CSRF for this particular tool. See comments in issue above to how to go about it.

Activity

Beth Kirschner November 2, 2012 at 5:38 AM

fixed as suggested.

Beth Kirschner October 31, 2012 at 12:40 PM

Gonzalo - can you add the above properties to the build?

Beth Kirschner October 31, 2012 at 12:39 PM

I agree with the proposed solution - we should add this to sakai.properties

velocity.csrf.insecure.tools.count=1
velocity.csrf.insecure.tools.1=sakai.discussion

Fixed

Assignee

Reporter

Components

Fix versions

Affects versions

Priority

Created October 31, 2012 at 10:54 AM
Updated November 2, 2012 at 5:38 AM
Resolved November 2, 2012 at 5:38 AM