[Owncloud] CSRF behaviour is annoying
thomas at tanghus.net
Sun Sep 16 12:40:47 UTC 2012
On Saturday 15 September 2012 19:15 Bernhard Posselt wrote:
> I think that should be built in, because every app needs it.
> On 09/15/2012 09:43 AM, Christian Reiner wrote:
> > On Saturday 15 September 2012 00:06:00 Bernhard Posselt wrote:
> >> What if there was a built in post request that renews the token?
> > This is exactly the solution I chose in my 'Shorty' app and described with
> > the previous mail. It is an ajax call that requests a fresh token some
> > minutes before the old one gets invalid.
Since everyone seems to agree that it's the best solution, and there's working
script for it, should we add it to core? I guess it can be categorized as a
Christian, are you up for it?
Med venlig hilsen / Best Regards
More information about the Owncloud