Deprecation: #69562 - Deprecate helper methods for redundant CSRF protection

See forge#69562


The method BackendUtility::getUrlToken has been introduced as shortcut to protect data manipulating entry points tce_db.php tce_file.php and alt_doc.php from CSRF attacks. These entry points have been replaced with proper modules or routing, which are CSRF protected by default. With this BackendUtility::getUrlToken is not needed anymore and therefore has been marked as deprecated.


Third party code using BackendUtility::getUrlToken will trigger deprecation log entries.

Affected Installations

Extensions using the above code.


These method calls can safely be removed, when generating links to former entry points tce_db.php tce_file.php and alt_doc.php with the API method calls : BackendUtility::getModuleUrl('tce_db'), BackendUtility::getModuleUrl('tce_file') or BackendUtility::getModuleUrl('record_edit').