Hi, The checkout process forms will not be affected as stoken check has been already implemented in previous releases in the critical forms like checkout and user information change.
Regards Tomas Liubinas From: dev-general-boun...@lists.oxidforge.org [mailto:dev-general-boun...@lists.oxidforge.org] On Behalf Of Lange, Björn Sent: Thursday, September 25, 2014 5:22 PM To: dev-general@lists.oxidforge.org Subject: Re: [oxid-dev-general] Security improvement: Dynamic security token check $cache=false 2014-09-25 16:13 GMT+02:00 mobilemojo - Robert Rieser <robert.rie...@mobilemojo.de<mailto:robert.rie...@mobilemojo.de>>: Hi Marco, Also thanks for this important note from my side! Also it will affect the eShop Mobile iPhone, iPad + Android Apps, in the complete checkout process. regards, Robert -- Robert Rieser Inhaber B.Sc. Wirtschaftsinformatik mCommerce Specialist mobilemojo Jörg Tochtermann, Robert Rieser und Rüdiger Hajduk GbR Balthasar-Neumann Str. 4b 97236 Randersacker Office - Zentrale: +49(0) 931 – 66 39 8 39-0 Durchwahl: Mobil: +49(0) 931 – 66 39 8 39-1 +49(0) 179 – 68 62 470<tel:%2B49%280%29%20179%20%E2%80%93%2068%2062%20470> Fax: +49(0) 931 – 66 39 8 39-9 Email: rob...@mobilemojo.de<mailto:rob...@mobilemojo.de> Web & Mobile: http://www.mobilemojo.de<http://www.mobilemojo.de/> Von: Joscha Krug <k...@marmalade.de<mailto:k...@marmalade.de>> Antworten an: "dev-general@lists.oxidforge.org<mailto:dev-general@lists.oxidforge.org>" <dev-general@lists.oxidforge.org<mailto:dev-general@lists.oxidforge.org>> Datum: Donnerstag, 25. September 2014 16:09 An: "dev-general@lists.oxidforge.org<mailto:dev-general@lists.oxidforge.org>" <dev-general@lists.oxidforge.org<mailto:dev-general@lists.oxidforge.org>> Betreff: Re: [oxid-dev-general] Security improvement: Dynamic security token check Hello Marco, Thanks for the information! Could someone from the devs explain the background? This will not be so easy to implement automaticly as i affects a lot of templates. Best regards, Joscha //--------- Joscha Krug marmalade GmbH www.marmalade.de<http://www.marmalade.de/> k...@marmalade.de<mailto:k...@marmalade.de> Leibnizstr.25 39104 Magdeburg GERMANY phone: +49 (0) 391 / 559 22 104<tel:%2B49%20%280%29%20391%20%2F%20559%2022%20104> fax: +49 (0) 391 / 559 22 106<tel:%2B49%20%280%29%20391%20%2F%20559%2022%20106> Am 25.09.2014 16:01, schrieb Marco Steinhaeuser: Hi everybody, just added an important section to the release notes of the upcoming OXID eShop version 4.9/5.2: The dynamic security token parameter check was expanded to all forms and action URLs. This is important for you to know especially if you're running functions like to_basket etc... Read more about it here: http://wiki.oxidforge.org/Downloads/4.9.0_5.2.0#Security_improvement:_Dynamic_security_token_check Please head back for any questions about it and the other stuff at this release notes page. Best regards! Marco _______________________________________________ dev-general mailing list dev-general@lists.oxidforge.org<mailto:dev-general@lists.oxidforge.org>http://dir.gmane.org/gmane.comp.php.oxid.general _______________________________________________ dev-general mailing list dev-general@lists.oxidforge.org<mailto:dev-general@lists.oxidforge.org> http://dir.gmane.org/gmane.comp.php.oxid.general -- ______________________________________________________________ WBL Konzept GmbH Björn Simon Lange Geschäftsführender Gesellschafter Bilker Straße 34 40213 Düsseldorf Telefon: 0211 942 120 30 | Fax: 0211 942 120 32 www.wbl-konzept.de<http://www.wbl-konzept.de/> | www.facebook.com/wbl.konzept<http://www.facebook.com/wbl.konzept> | b.la...@wbl-konzept.de<mailto:b.la...@wbl-konzept.de> ______________________________________________________________ Registereintrag: Registergericht: Amtsgericht Düsseldorf, Registernummer: HRB 68990 Vertreten durch: Herr Daniel Beerden<mailto:d.beer...@wbl-konzept.de> und Herr Björn Simon Lange<mailto:b.la...@wbl-konzept.de>
_______________________________________________ dev-general mailing list dev-general@lists.oxidforge.org http://dir.gmane.org/gmane.comp.php.oxid.general