Index: lams_central/conf/security/Owasp.CsrfGuard.properties =================================================================== diff -u -rf04cfe28c0e223b4feca038d911fcb6ce2f40032 -r6116054d29807ae2c1f274fc324a507c2b3a0910 --- lams_central/conf/security/Owasp.CsrfGuard.properties (.../Owasp.CsrfGuard.properties) (revision f04cfe28c0e223b4feca038d911fcb6ce2f40032) +++ lams_central/conf/security/Owasp.CsrfGuard.properties (.../Owasp.CsrfGuard.properties) (revision 6116054d29807ae2c1f274fc324a507c2b3a0910) @@ -13,6 +13,7 @@ org.owasp.csrfguard.protected.chatSubmissionDeadline=/lams/tool/lachat11/monitoring/setSubmissionDeadline.do org.owasp.csrfguard.protected.forumAuthoringSave=/lams/tool/lafrum11/authoring/update.do org.owasp.csrfguard.protected.forumSubmissionDeadline=/lams/tool/lafrum11/monitoring/setSubmissionDeadline.do +org.owasp.csrfguard.protected.forumUpdateMark=/lams/tool/lafrum11/monitoring/updateMark.do org.owasp.csrfguard.protected.lamcSubmissionDeadline=/lams/tool/lamc11/monitoring/setSubmissionDeadline.do org.owasp.csrfguard.protected.laqaSubmissionDeadline=/lams/tool/laqa11/monitoring/setSubmissionDeadline.do org.owasp.csrfguard.protected.mindmapSubmissionDeadline=/lams/tool/lamind10/monitoring/setSubmissionDeadline.do @@ -27,4 +28,4 @@ # Actions to take when a CSRF attack is attempted org.owasp.csrfguard.action.Log=org.owasp.csrfguard.action.Log -org.owasp.csrfguard.action.Log.Message=CSRF attack (user: %user%, ip: %remote_ip%, uri:%request_uri%, error: %exception_message%) \ No newline at end of file +org.owasp.csrfguard.action.Log.Message=CSRF attack (user: %user%, ip: %remote_ip%, uri:%request_uri%, error: %exception_message%) Index: lams_tool_forum/src/java/org/lamsfoundation/lams/tool/forum/web/controller/MonitoringController.java =================================================================== diff -u -r1beaa4cc5e224dd433297d543c5511234c0bfc10 -r6116054d29807ae2c1f274fc324a507c2b3a0910 --- lams_tool_forum/src/java/org/lamsfoundation/lams/tool/forum/web/controller/MonitoringController.java (.../MonitoringController.java) (revision 1beaa4cc5e224dd433297d543c5511234c0bfc10) +++ lams_tool_forum/src/java/org/lamsfoundation/lams/tool/forum/web/controller/MonitoringController.java (.../MonitoringController.java) (revision 6116054d29807ae2c1f274fc324a507c2b3a0910) @@ -629,7 +629,7 @@ /** * Update mark for a special user */ - @RequestMapping("/updateMark") + @RequestMapping(path = "/updateMark", method = RequestMethod.POST) public String updateMark(@ModelAttribute MarkForm markForm, HttpServletRequest request, HttpServletResponse response) { Index: lams_tool_forum/web/jsps/monitoring/updatemarks.jsp =================================================================== diff -u -raced7ba6c1e7c5a9a50d3f64d8cdd96dd7e76194 -r6116054d29807ae2c1f274fc324a507c2b3a0910 --- lams_tool_forum/web/jsps/monitoring/updatemarks.jsp (.../updatemarks.jsp) (revision aced7ba6c1e7c5a9a50d3f64d8cdd96dd7e76194) +++ lams_tool_forum/web/jsps/monitoring/updatemarks.jsp (.../updatemarks.jsp) (revision 6116054d29807ae2c1f274fc324a507c2b3a0910) @@ -11,8 +11,9 @@ + - +