eightball/all-in-one
1
0
Fork 0
mirror of https://github.com/nextcloud/all-in-one.git synced 2025-12-27 01:46:58 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 10

Initial import

Browse source
This commit is contained in:
Nextcloud Team 2021-11-30 11:20:42 +01:00 committed by Lukas Reschke
commit 2295a33590
884 changed files with 93939 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

22
php/vendor/slim/csrf/CHANGELOG.md vendored Normal file
View file

@ -0,0 +1,22 @@
# Change Log
## 2016-08-14
Now supports "persistence mode", to persist a single CSRF name/value pair throughout the life of a user's session. Added the following methods:
- `protected getLastKeyPair` - gets the most recently generated key/value pair from storage.
- `protected loadLastKeyPair` - gets the most recently generated key/value pair from storage, and assign it to `$this->keyPair`.
- `public setPersistentTokenMode`
- `public getPersistentTokenMode`
Note that if CSRF token validation fails, then the token should be renewed regardless of the persistence setting.
The methods `getTokenName` and `getTokenValue` now return `null` if `$this->keyPair` has not yet been set.
### Tests added:
- `testPersistenceModeTrueBetweenRequestsArray` - Token should persist between requests after initial creation, when stored in an array.
- `testPersistenceModeTrueBetweenRequestsArrayAccess` - Token should persist between requests after initial creation, when stored in an ArrayObject.
- `testPersistenceModeFalseBetweenRequestsArray` - Token should be changed between requests, when stored in an array.
- `testPersistenceModeFalseBetweenRequestsArrayAccess` - Token should be changed between requests, when stored in an ArrayObject.
- `testUpdateAfterInvalidTokenWithPersistenceModeTrue` - New token should be generated after an invalid request, even if persistence mode is enabled.