Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Switch off adding anti_xss parameter «x» for certain forms. #1112

Open
macik opened this Issue · 0 comments

2 participants

@macik
Collaborator

Now it automatically adds to all post-forms on page, so when we have form to interact with foreign services we have some disadvantages:

  • «x» param can duplicates with form native param required by service
  • we send out «x» to outside own site thats not secure

I think we can track it on client side and switch it off (delete) if form requires it.

@macik macik was assigned
@trustmaster trustmaster added the medium label
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.