az/morz-infoboard
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
morz-infoboard/server/backend/internal/httpapi/manage
History
Jesko Anschütz 47f65da228 fix(csrf): CSRF-Token für User-Logout in Manage- und Tenant-Dashboard 
- HandleManageUI übergibt CSRFToken korrekt ans Template (leeres Hidden-Field
  blockierte JS-Inject-Snippet)
- HandleTenantDashboard setzt CSRF-Cookie und befüllt CSRFToken in Template-Daten
- tenant/csrf_helpers.go: setCSRFCookie im tenant-Package (Import-Cycle-Isolation)
- Logout-Formular in tenantDashTmpl hat jetzt statisches CSRF-Hidden-Field
- Doku: POST /logout und POST /login mit CSRF-Anforderungen dokumentiert

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-24 14:26:52 +01:00
..
static UX Block 2: Lösch-Modals, Status-Page Deutsch, Transitions, lokale Assets, Accessibility 2026-03-23 11:03:04 +01:00
auth.go fix(csrf): CSRF-Token für User-Logout in Manage- und Tenant-Dashboard 2026-03-24 14:26:52 +01:00
csrf_helpers.go Security-Review + Phase 6: CSRF, Rate-Limiting, Tenant-Isolation, Screenshot, Ansible 2026-03-23 21:06:35 +01:00
media.go Security-Review + Phase 6: CSRF, Rate-Limiting, Tenant-Isolation, Screenshot, Ansible 2026-03-23 21:06:35 +01:00
playlist.go Security-Review + Phase 6: CSRF, Rate-Limiting, Tenant-Isolation, Screenshot, Ansible 2026-03-23 21:06:35 +01:00
register.go Security-Review + Phase 6: CSRF, Rate-Limiting, Tenant-Isolation, Screenshot, Ansible 2026-03-23 21:06:35 +01:00
static.go UX Block 2: Lösch-Modals, Status-Page Deutsch, Transitions, lokale Assets, Accessibility 2026-03-23 11:03:04 +01:00
templates.go fix(csrf): CSRF-Token für User-Logout in Manage- und Tenant-Dashboard 2026-03-24 14:26:52 +01:00
ui.go fix(csrf): CSRF-Token für User-Logout in Manage- und Tenant-Dashboard 2026-03-24 14:26:52 +01:00