Joomla Extensions by Joomdonation

CSRF Protection (Token) on Forms

  • LAC Webadmin
  • Topic Author
  • Offline
  • Premium Member
  • Premium Member
More
5 years 3 months ago #120895 by LAC Webadmin
CSRF Protection (Token) on Forms was created by LAC Webadmin
Hi Tuan,

I'm looking at the search bar form (search.php) file and I noticed it is not using Joomla's security token for CSRF protection
Code:
<?php echo JHtml::_('form.token'); ?>
. Do you have alternative of this in your RAD framework? I have not checked other form files in events booking but is this something that you are not concerned about?

Thanks,

Jackson

Please Log in or Create an account to join the conversation.

More
5 years 3 months ago #120900 by Tuan Pham Ngoc
Replied by Tuan Pham Ngoc on topic CSRF Protection (Token) on Forms
Hi Jackson

No, we don't have alternative. Actually, at the moment, we don't have that token for the search form. Honestly, I am afraid of at this state, I could not add token check to it because if we do that, it will cause issue for users who made customization to the search form /search module

So for adding token check to this search feature, I am afraid of we will have to leave it to the next major release (EB version 4)

Regards,

Tuan

Please Log in or Create an account to join the conversation.

Moderators: Tuan Pham Ngoc

Support

Documentation

Information

Copyright © 2024 Joomla Extensions by Joomdonation. All Rights Reserved.
joomdonation.com is not affiliated with or endorsed by the Joomla! Project or Open Source Matters.
The Joomla! name and logo is used under a limited license granted by Open Source Matters the trademark holder in the United States and other countries.

Connect Us