Hi all, hope I am right, please do not ban me
!
Possible bug in php file view/objectDetail.php
Row 3949, document download:
echo '<a onClick="dojo.byId(\'printFrame\').src=\'../tool/download.php?class=DocumentVersion&id='.htmlEncode($version->id).'\';" ';
should be
echo '<a onClick="dojo.byId(\'printFrame\').src=\'../tool/download.php?class=DocumentVersion&id='.htmlEncode($version->id).
Security::addTokenIndexToUrl().'\';" ';
as commented out in row 3943, right?
During my 12.0.1 to 12.2.1 upgrade all works fine except when I try to download a file it generates a "try to hack detected".
Investigating I found that the request CSRF token was missing...so the "try to hack detected" is right.
Deeper investingating I found that csrf token was missing on Document download objectDetail.php file.
Hope i am not wrong.....otherwise the problem on my environment is in another part......
My best regards,
Agharta
Supportez nous sur Capterra
STOP INFO
