"f58805fb9cf627da9470aa65cb6297e32c24dbdf" (history) in projects: plugin

Searched hist:f58805fb9cf627da9470aa65cb6297e32c24dbdf (Results 1 – 1 of 1) sorted by relevance

/plugin/annotations/
H A D	action.php	`f58805fb9cf627da9470aa65cb6297e32c24dbdf Sat May 23 05:08:07 UTC 2026 tracker-user <82045103+tracker-user@users.noreply.github.com> Accept the CSRF token from the JSON request body checkSecurityToken() reads the token from $_REQUEST, which is empty when the AJAX request body is application/json. Copy the payload's sectok into $_POST / $_REQUEST before the check so state-changing JSON requests validate instead of being rejected as forged. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>`