22 May
2014
22 May
'14
10:10 a.m.
Am 22.05.2014 10:41, schrieb Rosali:
Not all crons run in CLI mode. You can't run in CLI mode if you want to give users the ability to use external cronjob services unless you use a script which is called by the external service by HTTP to start a shell script.
which completly defeats the idea of CSRF
If the session start is necessary for CSFR prevention then please think about the suggested GET param (_nosess=1)