mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-25 08:12:40 +01:00
4f8d07594e
Summary: The first dialog was being given the wrong user (`$user`, should be `$viewer`), leading to a CSRF issue. (The CSRF token it generated was invalid in all validation contexts, so this wasn't a security problem or a way to capture CSRF tokens for other users.) Use `newDialog()` instead. (This seems completely unrelated to the vaguely-similar-looking issues we saw earlier this week.) Test Plan: - Added a new email address. - Clicked "Done" on the last step. - Completed workflow instead of getting a CSRF error. Reviewers: chad, tide Reviewed By: tide Differential Revision: https://secure.phabricator.com/D16200 |
||
|---|---|---|
| .. | ||
| PhabricatorAccountSettingsPanel.php | ||
| PhabricatorActivitySettingsPanel.php | ||
| PhabricatorConpherencePreferencesSettingsPanel.php | ||
| PhabricatorDateTimeSettingsPanel.php | ||
| PhabricatorDesktopNotificationsSettingsPanel.php | ||
| PhabricatorDeveloperPreferencesSettingsPanel.php | ||
| PhabricatorDiffPreferencesSettingsPanel.php | ||
| PhabricatorDisplayPreferencesSettingsPanel.php | ||
| PhabricatorEditEngineSettingsPanel.php | ||
| PhabricatorEmailAddressesSettingsPanel.php | ||
| PhabricatorEmailDeliverySettingsPanel.php | ||
| PhabricatorEmailFormatSettingsPanel.php | ||
| PhabricatorEmailPreferencesSettingsPanel.php | ||
| PhabricatorExternalAccountsSettingsPanel.php | ||
| PhabricatorHomePreferencesSettingsPanel.php | ||
| PhabricatorMultiFactorSettingsPanel.php | ||
| PhabricatorPasswordSettingsPanel.php | ||
| PhabricatorSessionsSettingsPanel.php | ||
| PhabricatorSettingsPanel.php | ||
| PhabricatorSSHKeysSettingsPanel.php | ||
| PhabricatorTokensSettingsPanel.php | ||