Skip to content

Commit

Permalink
- Fix CSRF token access for tigher TAL path expression security (fixes
Browse files Browse the repository at this point in the history 
…#99)
  • Loading branch information
@dataflake
dataflake committed Jun 8, 2021
1 parent 80b3344 commit 6476278
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 0 deletions.
5 changes: 5 additions & 0 deletions CHANGES.rst
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,11 @@ Change Log

2.6.3 (unreleased)
------------------

- Fix CSRF token access for tigher TAL path expression security in Zope 5.2.1
(`#99
<https://github.com/zopefoundation/Products.PluggableAuthService/issues/99>`_)

- Changed adding object gui to modal window

- Handle login issues for cookie based login when ``came_from`` is missing
Expand Down
1 change: 1 addition & 0 deletions src/Products/PluggableAuthService/configure.zcml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@
name="csrf_token"
class=".utils.CSRFToken"
permission="zope.Public"
attribute="token"
/>

<include file="exportimport.zcml" />
Expand Down

0 comments on commit 6476278

Please sign in to comment.