Merge pull request #728 from joomlatools/feature/727-jwt

amazeika · web-flow · commit b109ac44678e · 2025-02-04T10:09:39.000+01:00
CSRF vulnerability
diff --git a/code/libraries/joomlatools/library/http/token/token.php b/code/libraries/joomlatools/library/http/token/token.php
@@ -444,7 +444,7 @@ public function fromString($token)
                 $this->setAlgorithm('none');
             }
         }
-        else throw new InvalidArgumentException(sprintf('The token "%s" is an invalid JWT', $token));
+        else throw new InvalidArgumentException('The token is an invalid JWT');
 
         return $this;
     }

Original file line number	Diff line number	Diff line change
`@@ -444,7 +444,7 @@ public function fromString($token)`
`444`	`444`	`$this->setAlgorithm('none');`
`445`	`445`	`}`
`446`	`446`	`}`
`447`		`- else throw new InvalidArgumentException(sprintf('The token "%s" is an invalid JWT', $token));`
	`447`	`+ else throw new InvalidArgumentException('The token is an invalid JWT');`
`448`	`448`
`449`	`449`	`return $this;`
`450`	`450`	`}`