| # |
Jun 12th 2018, 14:03 |
 neon1024 |
@admad Just as a related aside, that usage of the Locator classes is correct is it? |
| # |
Jun 12th 2018, 14:03 |
neon1024 |
The one where I get the shiny make-stuff-happen buttons :zany_face: |
| # |
Jun 12th 2018, 14:02 |
neon1024 |
Oh right, er, member? |
| # |
Jun 12th 2018, 14:01 |
slackebot |
Action: josbeir loves bad jokes |
| # |
Jun 12th 2018, 14:01 |
josbeir |
i grinned |
| # |
Jun 12th 2018, 14:01 |
slackebot |
Action: admad slaps neothermic for this bad joke |
| # |
Jun 12th 2018, 14:00 |
neothermic |
woo, cake2 RC1!. Wait, what year is it? |
| # |
Jun 12th 2018, 14:00 |
admad |
merged and 2.0.0-RC1 released |
| # |
Jun 12th 2018, 13:57 |
admad |
you are already a contributor :) |
| # |
Jun 12th 2018, 13:56 |
neon1024 |
But only once approved by @admad :P |
| # |
Jun 12th 2018, 13:55 |
neon1024 |
..and on that day, I shall eat cake. |
| # |
Jun 12th 2018, 13:55 |
neon1024 |
One day I will earn contributor rights! |
| # |
Jun 12th 2018, 13:55 |
slackebot |
Action: neon1024 quickly checks the pr hasn’t already been merged |
| # |
Jun 12th 2018, 13:54 |
slackebot |
Action: neon1024 nods |
| # |
Jun 12th 2018, 13:54 |
neon1024 |
Like doing the Webservices plugin release? |
| # |
Jun 12th 2018, 13:48 |
admad |
have bigger fishes to fry :slightly_smiling_face: |
| # |
Jun 12th 2018, 13:48 |
josbeir |
its one of those.. hmm to core or not to core |
| # |
Jun 12th 2018, 13:48 |
josbeir |
:) |
| # |
Jun 12th 2018, 13:47 |
admad |
one time i wanted to add a support for `Html->meta('csrf')` to generate the tag @josbeir showEd but lazied out |
| # |
Jun 12th 2018, 13:46 |
slackebot |
Action: josbeir defeated |
| # |
Jun 12th 2018, 13:46 |
LubosR |
admad :D |
| # |
Jun 12th 2018, 13:46 |
josbeir |
:,( |
| # |
Jun 12th 2018, 13:46 |
neon1024 |
Such modesty! |
| # |
Jun 12th 2018, 13:46 |
admad |
but i am better of the best |
| # |
Jun 12th 2018, 13:45 |
admad |
its as safe as having a hidden form field with the token, which is what form helper does |
| # |
Jun 12th 2018, 13:45 |
LubosR |
josbeir, admad: you two are the best, thanks. going to give it a try |
| # |
Jun 12th 2018, 13:45 |
chrispecoraro |
@admad thanks! |
| # |
Jun 12th 2018, 13:45 |
josbeir |
<meta name="X-CSRF-Token" content="<?= $this->request->getParam('_csrfToken'); ?>"> |
| # |
Jun 12th 2018, 13:45 |
LubosR |
admad and what is the best way to get csfr token... is that something which is set in app.php and should I read? is it safe to paste it to html as meta tag? |
| # |
Jun 12th 2018, 13:44 |
admad |
s/with/which |
| # |
Jun 12th 2018, 13:44 |
admad |
set a meta tag with the token with js can read and use for header |
| # |
Jun 12th 2018, 13:43 |
admad |
LubosR: you can still create a post request by js and pass the csrf token using header |
| # |
Jun 12th 2018, 13:43 |
chrispecoraro |
I knew that... |
| # |
Jun 12th 2018, 13:42 |
admad |
@chrispecoraro tinyint(1) is how myself boolean is emulated in mysql since it doesn't have a real boolean type |
| # |
Jun 12th 2018, 13:42 |
LubosR |
josbeir admad, so the best is to add it to xhr and i guess easier to do it via FormHelper and submit whole form rather than creating data for post via javascript? |
| # |
Jun 12th 2018, 13:42 |
chrispecoraro |
Is this is the docs somewhere? |
| # |
Jun 12th 2018, 13:42 |
chrispecoraro |
@neon1024 thanks. |
| # |
Jun 12th 2018, 13:41 |
chrispecoraro |
ok, wonderful :slightly_smiling_face: |
| # |
Jun 12th 2018, 13:41 |
josbeir |
ok so Lubros, to avoid confusion, check your Application.php has CsrfProtectionMiddleware loaded, if yes: token is required, if not, check component etc |
| # |
Jun 12th 2018, 13:41 |
neon1024 |
@chrispecoraro Yeah, an `INT(1)` is marshalled by Cake as a boolean |
| # |
Jun 12th 2018, 13:41 |
admad |
in that case nothing you do in controller is gonna help :slightly_smiling_face: |