/** * Allow execution of unguarded writes. This is ONLY appropriate for use in * script contexts or other contexts where you are guaranteed to never be * vulnerable to CSRF concerns. Calling this method is EXTREMELY DANGEROUS * if you do not understand the consequences. * * If you need to perform unguarded writes on an otherwise guarded workflow * which is vulnerable to CSRF, use @{method:beginUnguardedWrites}. * * @return void * @task disable */ public static function allowDangerousUnguardedWrites($allow) { if (self::$instance) { throw new Exception("You can not unconditionally disable AphrontWriteGuard by calling " . "allowDangerousUnguardedWrites() while a write guard is active. Use " . "beginUnguardedWrites() to temporarily allow unguarded writes."); } self::$allowUnguardedWrites = true; }
/** * Allow execution of unguarded writes. This is ONLY appropriate for use in * script contexts or other contexts where you are guaranteed to never be * vulnerable to CSRF concerns. Calling this method is EXTREMELY DANGEROUS * if you do not understand the consequences. * * If you need to perform unguarded writes on an otherwise guarded workflow * which is vulnerable to CSRF, use @{method:beginUnguardedWrites}. * * @return void * @task disable */ public static function allowDangerousUnguardedWrites($allow) { if (self::$instance) { throw new Exception(pht('You can not unconditionally disable %s by calling %s while a write ' . 'guard is active. Use %s to temporarily allow unguarded writes.', __CLASS__, __FUNCTION__ . '()', 'beginUnguardedWrites()')); } self::$allowUnguardedWrites = true; }