[EZP-23074] Missing form token meta tags when browsing legacy modules - eZ Systems JIRA tracker

XML

Word

Printable

Details

Type: Bug
Status: Closed
Priority: High
Resolution: Fixed
Affects Version/s: 2014.05, 5.3.2
Fix Version/s: Customer request, 2014.07, 5.3.2, 5.4.0-beta1
Component/s: Legacy > Extensions > eZ Form Token, Legacy > Extensions > eZ Image Editor, Platform stack
Labels:
None

Sprint:
Castor Core S2

Description

When using a Twig layout for legacy modules (frontend only, backend is fine as using legacy_mode), ezxFormToken::output() cannot add meta tags containing the CSRF token, as when it is triggered by legacy kernel, the layout has not been rendered yet. This makes legacy JS unable to use this token when doing POST requests, triggering exceptions.

Example with eZIE

After opening eZIE in the frontend (SF stack), closing the window with either 'save and close' or 'quit' will result in an error being shown.

The response includes an exception "Missing form token from Request"

Attachments

Options
- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

Attachments

ss_ezie_error.png
145 kB
26/Jun/14 4:22 PM

Issue Links

blocks

EZP-23071 Clicking on the eZIE edit button doesn't do anything

Closed

Activity

People

Assignee:: Unassigned

Reporter:: Joao Inacio (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Dates

Created:: 26/Jun/14 4:18 PM

Updated:: 29/Jul/14 2:16 PM

Resolved:: 14/Jul/14 9:22 AM

Time Tracking

Estimated:

Not Specified

Remaining:

Logged: