Uploaded image for project: 'XWiki Platform'
  1. XWiki Platform
  2. XWIKI-21078

Missing CSRF token causes warning that the content will be executed in restricted mode to be displayed when creating an XClass

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Blocker
    • 15.6-rc-1, 14.10.14, 15.5.1
    • 15.2-rc-1, 14.10.7
    • XClass
    • Windows 11 Pro, Edge 114, using a local instance of XWiki 15.5 on Oracle 19c, Tomcat 9.0.76
    • Unknown
    • N/A
    • N/A

    Description

      Steps to reproduce

      1. Login as Admin
      2. Go to http://localhost:8080/bin/view/XWiki/XWikiClasses
      3. Under 'Create a new data type' section, insert a Title for a new class
      4. Click 'Create this Class' button

      Expected results

      No warning is displayed on the top of the page.

      Actual results

      The following warning is displayed:

      Warning: For security reasons, the 
      content of the edited document is executed in restricted mode, as the 
      edit was not  initiated by a validated request. There may be unexpected 
      errors due to this.

      The issue could not be reproduced on XWiki 14.10.6.

      Attachments

        Activity

          People

            surli Simon Urli
            iandriuta Ilie Andriuta
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: