Item10989: Cannot confirm validation request of CSRF protection if validation method is 'embedded' - no buttons displayed

If the validation method is embedded, that is, $Foswiki::cfg{Validation}{Method} = 'embedded' in LocalSite.cfg, and you issue an suspicious change request, you cannot confirm this request. You see the validation page, but the buttons (OK and Cancel) are not displayed.

The page is rendered according to the template templates/validate.tmpl. It includes the buttons but hides them using style="display:none". Looks like the class s1js_available provides some magic to display them if you are using the validation method onestrike and the browser has javascript enabled, but nothing is displayed in case of embedded.

-- KerstinPuschke - 19 Jul 2011

lets call this urgent!

-- SvenDowideit - 20 Jul 2011

Agree

-- KennethLavrsen - 30 Jul 2011

When you agree, could you please flip this to "Confirmed" so it doesn't have to be analysed again, thanks.

The problem is simply the template; it was a rush job after another fix and I never went back to restore the "embedded" capability.

-- CrawfordCurrie - 28 Aug 2011

Commenting is disabled while not logged in