Hi, The checkout process forms will not be affected as stoken check has been already implemented in previous releases in the critical forms like checkout and user information change.
Regards Tomas Liubinas From: [email protected] [mailto:[email protected]] On Behalf Of Lange, Björn Sent: Thursday, September 25, 2014 5:22 PM To: [email protected] Subject: Re: [oxid-dev-general] Security improvement: Dynamic security token check $cache=false 2014-09-25 16:13 GMT+02:00 mobilemojo - Robert Rieser <[email protected]<mailto:[email protected]>>: Hi Marco, Also thanks for this important note from my side! Also it will affect the eShop Mobile iPhone, iPad + Android Apps, in the complete checkout process. regards, Robert -- Robert Rieser Inhaber B.Sc. Wirtschaftsinformatik mCommerce Specialist mobilemojo Jörg Tochtermann, Robert Rieser und Rüdiger Hajduk GbR Balthasar-Neumann Str. 4b 97236 Randersacker Office - Zentrale: +49(0) 931 – 66 39 8 39-0 Durchwahl: Mobil: +49(0) 931 – 66 39 8 39-1 +49(0) 179 – 68 62 470<tel:%2B49%280%29%20179%20%E2%80%93%2068%2062%20470> Fax: +49(0) 931 – 66 39 8 39-9 Email: [email protected]<mailto:[email protected]> Web & Mobile: http://www.mobilemojo.de<http://www.mobilemojo.de/> Von: Joscha Krug <[email protected]<mailto:[email protected]>> Antworten an: "[email protected]<mailto:[email protected]>" <[email protected]<mailto:[email protected]>> Datum: Donnerstag, 25. September 2014 16:09 An: "[email protected]<mailto:[email protected]>" <[email protected]<mailto:[email protected]>> Betreff: Re: [oxid-dev-general] Security improvement: Dynamic security token check Hello Marco, Thanks for the information! Could someone from the devs explain the background? This will not be so easy to implement automaticly as i affects a lot of templates. Best regards, Joscha //--------- Joscha Krug marmalade GmbH www.marmalade.de<http://www.marmalade.de/> [email protected]<mailto:[email protected]> Leibnizstr.25 39104 Magdeburg GERMANY phone: +49 (0) 391 / 559 22 104<tel:%2B49%20%280%29%20391%20%2F%20559%2022%20104> fax: +49 (0) 391 / 559 22 106<tel:%2B49%20%280%29%20391%20%2F%20559%2022%20106> Am 25.09.2014 16:01, schrieb Marco Steinhaeuser: Hi everybody, just added an important section to the release notes of the upcoming OXID eShop version 4.9/5.2: The dynamic security token parameter check was expanded to all forms and action URLs. This is important for you to know especially if you're running functions like to_basket etc... Read more about it here: http://wiki.oxidforge.org/Downloads/4.9.0_5.2.0#Security_improvement:_Dynamic_security_token_check Please head back for any questions about it and the other stuff at this release notes page. Best regards! Marco _______________________________________________ dev-general mailing list [email protected]<mailto:[email protected]>http://dir.gmane.org/gmane.comp.php.oxid.general _______________________________________________ dev-general mailing list [email protected]<mailto:[email protected]> http://dir.gmane.org/gmane.comp.php.oxid.general -- ______________________________________________________________ WBL Konzept GmbH Björn Simon Lange Geschäftsführender Gesellschafter Bilker Straße 34 40213 Düsseldorf Telefon: 0211 942 120 30 | Fax: 0211 942 120 32 www.wbl-konzept.de<http://www.wbl-konzept.de/> | www.facebook.com/wbl.konzept<http://www.facebook.com/wbl.konzept> | [email protected]<mailto:[email protected]> ______________________________________________________________ Registereintrag: Registergericht: Amtsgericht Düsseldorf, Registernummer: HRB 68990 Vertreten durch: Herr Daniel Beerden<mailto:[email protected]> und Herr Björn Simon Lange<mailto:[email protected]>
_______________________________________________ dev-general mailing list [email protected] http://dir.gmane.org/gmane.comp.php.oxid.general
