Uploaded image for project: 'Test Reporting Application'
  1. Test Reporting Application
  2. TESTREPORT-36

Missing CSRF token causes warning that the content will be executed in restricted mode to be displayed when creating a test

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Critical
    • 2.8.2
    • 2.3
    • None
    • Windows 11 Pro, Edge 114, using a local instance of XWiki 15.5, Jetty/HSQLDB
    • Unknown

    Description

      Steps to reproduce

      1. In the Test Reporting App, click "Add Test" button (on the app's home page) or "Add new Test" (on a space page)
      2. Insert a name of a new test (and, if the case, the space name)
      3. Click "Add a new Test" button

      Expected results

      No warning is displayed on the top of the page.

      Actual results

      The following warning is displayed:

      Warning: For security reasons, the 
content of the edited document is executed in restricted mode, as the 
edit was not  initiated by a validated request. There may be unexpected 
errors due to this.

      The issue seems to reproduce since xwiki.org was upgraded to XWiki 14.10.11 (tested locally and reproduced also on XWiki 15.5).

      Attachments

        Activity

          People

            abrassat Brassat Alexandru
            iandriuta Ilie Andriuta
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: