Artifact 25d9059c9670337d0e2b9e22d791be209a3be77ebd5ff1a985dfaecef64d0e36:
- File src/fossil.page.whistory.js — part of check-in [abdf2805fe] at 2023-12-24 15:22:17 on branch trunk — Fix /whistory page: prevent <var>csrf</var> parameter from appearing within a query string when requesting a <tt>diff</tt>. <var>csrf</var> started to appear in a query due to <tt>[/timeline?r=csrf-defense-enhancement|csrf-defense-enhancement]</tt>: <code>form_begin()</code> [/fdiff?v1=9ab558549b3ca653&v2=b86a42cf7932f1cd|unconditionally generates] a hidden input with <var>csrf</var> token since [88a402fe2a5641]. This check-in addapts /whistory page to the new behaviour. (user: george size: 4586) [more...]
A hex dump of this file is not available. Please download the raw binary file and generate a hex dump yourself.