Re: Problem with sfJqueryReloadedPlugin
Tom Boutell
sfJqueryReloadedPlugin google group. I don't really use this plugin
anymore, but we do have it kicking around in a couple of projects and
this is a very simple and correct change
On Tue, Apr 26, 2011 at 10:16 PM, JOSE FERNANDO CASTILLO ROSAS
<jfcr...@gmail.com> wrote:
> hi tom greetings from mexico
>
> I think I found a solution to the problem of CSRF in the plugin. Because
> when you first install it to make a jq_link_to_remote and if the function
> has CSRF protection symfony send an error "_csrf_token [CSRF attack
> detected.]
>
> The problem is in the file jQueryHelper.php
> After spending several hours analyzing the code, compare the code that
> generates the link_to function. First glance everything seemed normal but
> approaching the problem from another direction to see how I
> checkCSRFProtection function () sfWebRequest.class.php file and found the
> answer here.
>
> At line 915 of file sfWebRequest.class.php says:
> $ form = new BaseForm ();
>
> But in line 335 of file jQueryHelper.php says:
> $ form = new sfForm ();
>
> Gosh, just change the sForm by BaseForm jQueryHelper.php the plugin file and
> voila! worked to perfection.
>
> I kindly request that you can make a correction or if not a defect if you
> could explain more fully in the README.
>
> Thanks, great plugin makes life easier
--
Tom Boutell
P'unk Avenue
215 755 1330
punkave.com
window.punkave.com