projects / civicrm-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(merge: 114e1dd 66f5d60)
Merge branch 'security_core_71' into 'security-fixes'
authorseamuslee <seamus@nsw.greens.org.au>
Wed, 4 Dec 2019 05:15:59 +0000 (05:15 +0000)
committerseamuslee <seamus@nsw.greens.org.au>
Wed, 4 Dec 2019 05:15:59 +0000 (05:15 +0000)
commitf71371efb34f9d5c906959be15ee3a04396de651
tree500420e742eeea7349b3aea4c3c31c9bacef0ca5tree | snapshot (zip tar.gz)
parent114e1dd6812e8656ae1ede68b4fe753403533e02commit | diff
parent66f5d609435ad2bf017f67dabf48578f75f8de10commit | diff
Merge branch 'security_core_71' into 'security-fixes'

security/core#71 Only permit requests where there is the header `HTTP_X_REQUESTED_WITH` and it's value is XMLHttpRequest for APIv4 to prevent CSRF

See merge request security/core!94