[Vtigercrm-developers] crsf
Uma S
uma.s at vtiger.com
Thu Nov 27 13:28:37 GMT 2014
Hi Stacey,
This is added to avoid security attack through csrf (cross site request
forgery).
On Thu, Nov 27, 2014 at 4:54 PM, Stacey Johnson <stacey.johnson110 at gmail.com
> wrote:
> While creating email in workflows, vtiger adding following script:
>
>
> *<script type="text/javascript">if (top != self) {top.location.href =
> self.location.href;}</script><script type="text/javascript">var
> csrfMagicToken =
> "sid:2178860adb57f7667acab4a5af38e801ec39c421,1417087292";var csrfMagicName
> = "__vtrftk";</script><script src="libraries/csrf-magic/csrf-magic.js"
> type="text/javascript"></script>*
>
> What is it for and how to stop it?
>
> Regards
> Stacey
>
> _______________________________________________
> http://www.vtiger.com/
>
--
With
Best Regards
Uma.S
Vtiger Team
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.vtigercrm.com/pipermail/vtigercrm-developers/attachments/20141127/aa17680d/attachment.html>
More information about the vtigercrm-developers
mailing list