Knah-Tsaeb/MyShaarli
Knah-Tsaeb/MyShaarli
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
MyShaarli/application
History
VirtualTam ebf6151738 SessionManager: remove unused UID token 
There already are dedicated tokens for:
- CSRF protection
- user stay-signed-in feature, via cookie

This token was most likely intended as a randomly generated,
server-side, secret key to be used when generating hashes.

See http://sebsauvage.net/wiki/doku.php?id=php:session [FR]

Relevant section:

  Une clé secrète unique aléatoire est générée côté serveur (et jamais
  envoyée). Elle peut servir pour signer les formulaires (HMAC) ou
  générer des token de formulaires (protection contre XSRF).
  Voir $_SESSION['uid'].

Translation:

  A unique, server-side secret key is randomly generated (and never
  transmitted). It can be used to sign forms (HMAC) or generate form
  tokens (protection against XSRF).
  See $_SESSION['uid']

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-06-02 16:46:06 +02:00
..
api PSR: use elseif instead of else if 2018-02-28 22:34:40 +01:00
config Use a specific page title in all pages 2018-02-24 12:48:49 +01:00
exceptions Shaarli's translation 2017-10-22 12:55:03 +02:00
security SessionManager: remove unused UID token 2018-06-02 16:46:06 +02:00
.htaccess .htaccess files: support Apache 2.4+ syntax 2016-11-08 11:38:14 +01:00
ApplicationUtils.php Shaarli's translation 2017-10-22 12:55:03 +02:00
Base64Url.php API: fix JWT signature verification 2017-01-04 16:59:47 +01:00
Cache.php Shaarli's translation 2017-10-22 12:55:03 +02:00
CachedPage.php Cleanup: remove unused variables 2017-01-05 19:51:50 +01:00
FeedBuilder.php Don't URL encode description links if parameter 'redirector.encode_url' is set to false 2017-11-07 20:23:58 +01:00
FileUtils.php PSR: use elseif instead of else if 2018-02-28 22:34:40 +01:00
History.php Shaarli's translation 2017-10-22 12:55:03 +02:00
HttpUtils.php Refactor client session hijacking protection 2018-05-29 22:53:54 +02:00
Languages.php German language created (#1114) 2018-04-15 14:53:09 +02:00
LinkDB.php Merge pull request #962 from ArthurHoaro/feature/perfs2 2017-10-28 12:44:44 +02:00
LinkFilter.php PSR: use elseif instead of else if 2018-02-28 22:34:40 +01:00
LinkUtils.php Support redirection in cURL download callback 2018-05-01 16:44:51 +02:00
NetscapeBookmarkUtils.php PSR: use elseif instead of else if 2018-02-28 22:34:40 +01:00
PageBuilder.php Login: update PageBuilder and default/vintage templates 2018-06-02 16:46:06 +02:00
PluginManager.php Shaarli's translation 2017-10-22 12:55:03 +02:00
Router.php Adds a taglist view with edit/delete buttons 2017-05-25 15:25:04 +02:00
ThemeUtils.php Robustness: safer RainTPL directory handling 2017-09-28 21:57:20 +02:00
TimeZone.php Change timezone data structure send to the templates 2017-04-03 19:24:55 +02:00
Updater.php Make max download size and timeout configurable 2018-03-07 23:03:21 +01:00
Url.php PSR: use elseif instead of else if 2018-02-28 22:34:40 +01:00
Utils.php Move session ID check to SessionManager 2017-10-22 19:54:44 +02:00