|
|
@@ -524,6 +524,7 @@ class FormHelper extends Helper
|
|
|
public function end(array $secureAttributes = [])
|
|
|
{
|
|
|
$out = '';
|
|
|
+
|
|
|
if ($this->requestType !== 'get' &&
|
|
|
!empty($this->request['_Token'])
|
|
|
) {
|
|
|
@@ -558,6 +559,9 @@ class FormHelper extends Helper
|
|
|
if (empty($this->request['_Token'])) {
|
|
|
return null;
|
|
|
}
|
|
|
+ if (empty($secureAttributes['debugSecurity'])) {
|
|
|
+ $secureAttributes['debugSecurity'] = Configure::read('debug');
|
|
|
+ }
|
|
|
|
|
|
$tokenData = $this->_buildFieldToken(
|
|
|
$this->_lastAction,
|
|
|
@@ -572,7 +576,7 @@ class FormHelper extends Helper
|
|
|
'value' => $tokenData['unlocked'],
|
|
|
]);
|
|
|
$out .= $this->hidden('_Token.unlocked', $tokenUnlocked);
|
|
|
- if (Configure::read('debug')) {
|
|
|
+ if ($secureAttributes['debugSecurity']) {
|
|
|
$tokenDebug = array_merge($secureAttributes, [
|
|
|
'value' => urlencode(json_encode([
|
|
|
$this->_lastAction,
|
Alejandro Ibarra