You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
plone.protect has 3 monkeypatches into other parts of Plone/Zope. Two are done using collective.monkeypatcher and replacing stuff in Products.CMFormController and Zope2 webdav.
A) Products.CMFFormController can be done right away (should be patched for both Plone 4 and Plone 5 if we stick to plone.protect 3.x for both Plone 4 and 5)
B) webdav can be done once we have know where to base Zope on. (Zope 2.13.X, Zope 4.X)
C) plone.protect also disables Products.PluggableAuthServices getCSRFToken and checkCSRFToken, presumably because these are the older CRSF protection framewok methods that are now taken over by plone.protect 3.X . Should that CSRF part be removed completely from Products.PluggableAuthServices?
The text was updated successfully, but these errors were encountered:
plone.protect has 3 monkeypatches into other parts of Plone/Zope. Two are done using collective.monkeypatcher and replacing stuff in Products.CMFormController and Zope2 webdav.
A) Products.CMFFormController can be done right away (should be patched for both Plone 4 and Plone 5 if we stick to plone.protect 3.x for both Plone 4 and 5)
B) webdav can be done once we have know where to base Zope on. (Zope 2.13.X, Zope 4.X)
C) plone.protect also disables Products.PluggableAuthServices getCSRFToken and checkCSRFToken, presumably because these are the older CRSF protection framewok methods that are now taken over by plone.protect 3.X . Should that CSRF part be removed completely from Products.PluggableAuthServices?
The text was updated successfully, but these errors were encountered: