Topics tagged backend-url-secret-key

Topic	Replies	Views	Activity
All the Magento 2 websites based on the latest 2.1.6 and or an earlier version with the disabled «Add Secret Key to URLs» option are vulnerable to DC-2017-04-003 (Remote Code Execution, CSRF)) News security , backend-url-secret-key , news	0	956	April 14, 2017
How are the setNoSecret() / getNoSecret() methods of the \Magento\Backend\Model\Url class used? Development backend , backend-url-secret-key , backend-url , build-url , url	1	1257	May 21, 2016
How to skip adding the secret key to a programmatically built backend URL using the «_nosecret» parameter? Development backend , backend-url-secret-key , backend-url , build-url , url	1	1834	May 30, 2016
How to remove the secret key from the backend URLs? Documentation configuration-advanced , backend , backend-url-secret-key , configuration , session , backend-url , url	1	4581	May 21, 2016
How is the «Add Secret Key to URLs» backend option implemented and used? Development configuration-advanced , backend , backend-url-secret-key , configuration , backend-url , url	1	3122	May 21, 2016
How is \Magento\Backend\Model\Url::useSecretKey() implemented and used? Development configuration-advanced , backend , backend-url-secret-key , configuration , backend-url , url	1	2353	May 21, 2016