Jake B.
Well-known member
- Affected version
- 2.0.0 Release Candidate 2
In XF1 I could link to a style with a URL like this:
http://demo.themehouse.com/xf1/themes/misc/style?style_id=64
And it'd show guests that new theme automatically, and logged in users would be asked if they're sure since it wasn't submitted with the CSRF token. However, in XF2 I just get a security error if I try to do this: http://demo.themehouse.com/xf2/themes/index.php?misc/style&style_id=5
Not sure if this was intentional or not, but seems like it wouldn't be intentional since I've seen sites use direct links in header/footer to switch between dark and light themes, for example
http://demo.themehouse.com/xf1/themes/misc/style?style_id=64
And it'd show guests that new theme automatically, and logged in users would be asked if they're sure since it wasn't submitted with the CSRF token. However, in XF2 I just get a security error if I try to do this: http://demo.themehouse.com/xf2/themes/index.php?misc/style&style_id=5
Not sure if this was intentional or not, but seems like it wouldn't be intentional since I've seen sites use direct links in header/footer to switch between dark and light themes, for example