|
ILIAS
release_8 Revision v8.19
|
Interface ilCtrlSecurityInterface provides ilCtrl security information. More...
Inheritance diagram for ilCtrlSecurityInterface: Collaboration diagram for ilCtrlSecurityInterface:Public Member Functions | |
| getUnsafeGetCommands () | |
| This method must return a list of unsafe GET commands. More... | |
| getSafePostCommands () | |
| This method must return a list of safe POST commands. More... | |
Interface ilCtrlSecurityInterface provides ilCtrl security information.
Information gathered by this interface is stored in an artifact as well. Currently, the only purpose is to gather a list of safe commands which determines whether a CSRF-protection is necessary.
Definition at line 15 of file interface.ilCtrlSecurityInterface.php.
| ilCtrlSecurityInterface::getSafePostCommands | ( | ) |
This method must return a list of safe POST commands.
Safe post commands returned by this method will no longer be CSRF protected and will NOT be appended by an ilCtrlToken.
Implemented in ilObjForumGUI, ilLMPresentationGUI, ilObjChatroomGUI, ilPasswordAssistanceGUI, ilStartUpGUI, ilObjComponentSettingsGUI, and ilCtrlCommandClass1TestGUI.
| ilCtrlSecurityInterface::getUnsafeGetCommands | ( | ) |
This method must return a list of unsafe GET commands.
Unsafe get commands returned by this method will now be CSRF protected, which means an ilCtrlToken is appended each time a link-target is generated to the class implementing this interface with a command from that list.
Tokens will be validated in
Implemented in ilObjForumGUI, ilLMPresentationGUI, ilObjChatroomGUI, ilPasswordAssistanceGUI, ilStartUpGUI, ilObjComponentSettingsGUI, and ilCtrlCommandClass1TestGUI.
1.8.13 (using Doxyfile)
