AS1024
/
Kanboard-Prod
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Kanboard-Prod/tests/units/Core/Security
History
irdc 4b76bc5b32
Use a HMAC to sign and validate CSRF tokens, instead of generating random ones and storing them in the session data 
* Use a HMAC to sign and validate CSRF tokens, instead of generating random
ones and storing them in the session data. Reduces number of writes to
sessions table and fixes kanboard issue #4942.
* Added missing CSRF check for starting/stopping subtask timers.

Co-authored-by: Willemijn Coene <willemijn@irdc.nl>
 		2022-09-17 17:23:41 -07:00
..
AccessMapTest.php Return the highest role for a project when a user is member of multiple groups 2016-01-18 21:20:35 -05:00
AuthenticationManagerTest.php PHP 8 Compatibility 2022-02-05 11:49:03 -08:00
AuthorizationTest.php Rewrite of the authentication and authorization system 2015-12-05 20:31:27 -05:00
RoleTest.php Custom project roles inherit from project members 2016-09-08 20:44:03 -04:00
TokenTest.php Use a HMAC to sign and validate CSRF tokens, instead of generating random ones and storing them in the session data 2022-09-17 17:23:41 -07:00