4b76bc5b32
* Use a HMAC to sign and validate CSRF tokens, instead of generating random ones and storing them in the session data. Reduces number of writes to sessions table and fixes kanboard issue #4942. * Added missing CSRF check for starting/stopping subtask timers. Co-authored-by: Willemijn Coene <willemijn@irdc.nl>
2.8 KiB
2.8 KiB