Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[docs] Make clear that sesskey is CSRF token. #1083

Merged
merged 1 commit into from
Aug 9, 2024
Merged

[docs] Make clear that sesskey is CSRF token. #1083

merged 1 commit into from
Aug 9, 2024

Conversation

kabalin
Copy link
Collaborator

@kabalin kabalin commented Jul 18, 2024
edited
Loading

sesskey is often confused with Moodle Session ID cookie. This change updates Session Key section at Cross-site request forgery page, clarifying its purpose as CSRF token.

Rendered page: https://deploy-preview-1083--moodledevdocs.netlify.app/general/development/policies/security/crosssite-request-forgery#session-key

@netlify Netlify
Copy link

netlify bot commented Jul 18, 2024
edited
Loading

Deploy Preview for moodledevdocs ready!

Built without sensitive environment variables

Name Link
🔨 Latest commit feb0af5
🔍 Latest deploy log https://app.netlify.com/sites/moodledevdocs/deploys/66b51643686d990008278218
😎 Deploy Preview https://deploy-preview-1083--moodledevdocs.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jul 18, 2024
edited
Loading

⚡️ Lighthouse report for the deploy preview of this PR

URL Performance Accessibility Best Practices SEO PWA Report
/ 🔴 44 🟢 95 🟢 100 🟢 90 🟢 100 Report
/docs/4.4/apis/commonfiles 🟠 66 🟢 93 🟢 100 🟢 100 🟢 100 Report
/general/development/gettingstarted 🟠 77 🟢 95 🟢 100 🟢 90 🟢 100 Report
/general/releases 🟠 64 🟢 95 🟢 100 🟢 100 🟢 100 Report

@kabalin kabalin requested a review from mickhawkins July 19, 2024 09:48
andrewnicols
andrewnicols requested changes Jul 29, 2024
View reviewed changes
Copy link
Member

@andrewnicols andrewnicols left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for adding the clarification. Just a few tidyups.

general/development/policies/security/crosssite-request-forgery.md Outdated Show resolved Hide resolved
general/development/policies/security/crosssite-request-forgery.md Outdated Show resolved Hide resolved
general/development/policies/security/crosssite-request-forgery.md Outdated Show resolved Hide resolved
@kabalin
Copy link
Collaborator Author

kabalin commented Jul 29, 2024

Thanks for adding the clarification. Just a few tidyups.

Thanks Andrew!

@kabalin
Copy link
Collaborator Author

kabalin commented Aug 8, 2024
edited
Loading

Squashed Andrews's improvements and rebased. Kindly asking @mickhawkins to review it and merge. Thanks! :)

@kabalin kabalin requested a review from andrewnicols August 9, 2024 09:24
@andrewnicols andrewnicols added this pull request to the merge queue Aug 9, 2024
Merged via the queue into moodle:main with commit c573804 Aug 9, 2024
6 of 7 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@andrewnicols andrewnicols andrewnicols approved these changes

@mickhawkins mickhawkins Awaiting requested review from mickhawkins

Assignees

@kabalin kabalin

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@kabalin @andrewnicols