mirror of
https://github.com/nextcloud/all-in-one.git
synced 2025-12-25 17:06:55 +00:00
22 lines
1.4 KiB
Markdown
22 lines
1.4 KiB
Markdown
|
# Change Log
|
||
|
|
|
||
|
|
## 2016-08-14
|
||
|
|
|
||
|
|
Now supports "persistence mode", to persist a single CSRF name/value pair throughout the life of a user's session. Added the following methods:
|
||
|
|
|
||
|
|
- `protected getLastKeyPair` - gets the most recently generated key/value pair from storage.
|
||
|
|
- `protected loadLastKeyPair` - gets the most recently generated key/value pair from storage, and assign it to `$this->keyPair`.
|
||
|
|
- `public setPersistentTokenMode`
|
||
|
|
- `public getPersistentTokenMode`
|
||
|
|
|
||
|
|
Note that if CSRF token validation fails, then the token should be renewed regardless of the persistence setting.
|
||
|
|
|
||
|
|
The methods `getTokenName` and `getTokenValue` now return `null` if `$this->keyPair` has not yet been set.
|
||
|
|
|
||
|
|
### Tests added:
|
||
|
|
|
||
|
|
- `testPersistenceModeTrueBetweenRequestsArray` - Token should persist between requests after initial creation, when stored in an array.
|
||
|
|
- `testPersistenceModeTrueBetweenRequestsArrayAccess` - Token should persist between requests after initial creation, when stored in an ArrayObject.
|
||
|
|
- `testPersistenceModeFalseBetweenRequestsArray` - Token should be changed between requests, when stored in an array.
|
||
|
|
- `testPersistenceModeFalseBetweenRequestsArrayAccess` - Token should be changed between requests, when stored in an ArrayObject.
|
||
|
|
- `testUpdateAfterInvalidTokenWithPersistenceModeTrue` - New token should be generated after an invalid request, even if persistence mode is enabled.
|