This is an automated email from the ASF dual-hosted git repository. jleroux pushed a commit to branch trunk in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git The following commit(s) were added to refs/heads/trunk by this push: new 5c534a9 Fixed: POC for CSRF Token (OFBIZ-11306) 5c534a9 is described below commit 5c534a9f9824c5bac1c8312a8d50063ca8b5e766 Author: Jacques Le Roux AuthorDate: Mon Apr 6 12:12:39 2020 +0200 Fixed: POC for CSRF Token (OFBIZ-11306) Fixes missing default NoCsrfDefenseStrategy in Header.ftl files --- themes/bluelight/template/Header.ftl | 2 +- themes/flatgrey/template/Header.ftl | 2 +- themes/rainbowstone/template/includes/Header.ftl | 2 +- themes/tomahawk/template/Header.ftl | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/themes/bluelight/template/Header.ftl b/themes/bluelight/template/Header.ftl index f4bbff9..3921b99 100644 --- a/themes/bluelight/template/Header.ftl +++ b/themes/bluelight/template/Header.ftl @@ -28,7 +28,7 @@ under the License. - <#assign csrfDefenseStrategy = Static["org.apache.ofbiz.entity.util.EntityUtilProperties"].getPropertyValue("security", "csrf.defense.strategy", delegator)> + <#assign csrfDefenseStrategy = Static["org.apache.ofbiz.entity.util.EntityUtilProperties"].getPropertyValue("security", "csrf.defense.strategy", "org.apache.ofbiz.security.NoCsrfDefenseStrategy", delegator)> <#if csrfDefenseStrategy != "org.apache.ofbiz.security.NoCsrfDefenseStrategy"> diff --git a/themes/flatgrey/template/Header.ftl b/themes/flatgrey/template/Header.ftl index bbe4eb3..b74b46e 100644 --- a/themes/flatgrey/template/Header.ftl +++ b/themes/flatgrey/template/Header.ftl @@ -24,7 +24,7 @@ under the License. - <#assign csrfDefenseStrategy = Static["org.apache.ofbiz.entity.util.EntityUtilProperties"].getPropertyValue("security", "csrf.defense.strategy", delegator)> + <#assign csrfDefenseStrategy = Static["org.apache.ofbiz.entity.util.EntityUtilProperties"].getPropertyValue("security", "csrf.defense.strategy", "org.apache.ofbiz.security.NoCsrfDefenseStrategy", delegator)> <#if csrfDefenseStrategy != "org.apache.ofbiz.security.NoCsrfDefenseStrategy"> diff --git a/themes/rainbowstone/template/includes/Header.ftl b/themes/rainbowstone/template/includes/Header.ftl index 71ba16f..7b1d016 100644 --- a/themes/rainbowstone/template/includes/Header.ftl +++ b/themes/rainbowstone/template/includes/Header.ftl @@ -24,7 +24,7 @@ under the License. - <#assign csrfDefenseStrategy = Static["org.apache.ofbiz.entity.util.EntityUtilProperties"].getPropertyValue("security", "csrf.defense.strategy", delegator)> + <#assign csrfDefenseStrategy = Static["org.apache.ofbiz.entity.util.EntityUtilProperties"].getPropertyValue("security", "csrf.defense.strategy", "org.apache.ofbiz.security.NoCsrfDefenseStrategy", delegator)> <#if csrfDefenseStrategy != "org.apache.ofbiz.security.NoCsrfDefenseStrategy"> diff --git a/themes/tomahawk/template/Header.ftl b/themes/tomahawk/template/Header.ftl index d01ae9c..ab07096 100644 --- a/themes/tomahawk/template/Header.ftl +++ b/themes/tomahawk/template/Header.ftl @@ -28,7 +28,7 @@ under the License. - <#assign csrfDefenseStrategy = Static["org.apache.ofbiz.entity.util.EntityUtilProperties"].getPropertyValue("security", "csrf.defense.strategy", delegator)> + <#assign csrfDefenseStrategy = Static["org.apache.ofbiz.entity.util.EntityUtilProperties"].getPropertyValue("security", "csrf.defense.strategy", "org.apache.ofbiz.security.NoCsrfDefenseStrategy", delegator)> <#if csrfDefenseStrategy != "org.apache.ofbiz.security.NoCsrfDefenseStrategy">