Actually check CSRF on Password and LDAP forms
febc494737be
Actions

Authored by epriestley <git@epriestley.com> on Jan 23 2014, 23:18.

Description

Actually check CSRF on Password and LDAP forms

Summary: Ref T4339. We didn't previously check isFormPost() on these, but now should.

Test Plan: Changed csrf token on login, got kicked out.

Reviewers: btrahan, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T4339

Committed

epriestley <git@epriestley.com>

Jan 23 2014, 23:18

Pushed

aubort

Jan 31 2017, 17:16

Parents

Branches

Unknown

Tags

Unknown

epriestley <git@epriestley.com> committed rPHfebc494737be: Actually check CSRF on Password and LDAP forms (authored by epriestley <git@epriestley.com>).Jan 23 2014, 23:18

				Path
	M			src/applications/auth/provider/PhabricatorAuthProviderLDAP.php
	M			src/applications/auth/provider/PhabricatorAuthProviderPassword.php