hi,
after upgrading from plone 4 to 5.08 i got the csrf exception below on some content (only if i logged in)
thanks
gruss juergen
...
File "/usr/local/Plone5/buildout-cache/eggs/zope.interface-3.6.7-py2.7-linux-x86_64.egg/zope/interface/adapter.py", line 585, in subscribers
subscription(*objects)
File "/usr/local/Plone5/buildout-cache/eggs/plone.transformchain-1.2.0-py2.7.egg/plone/transformchain/zpublisher.py", line 85, in applyTransformOnSuccess
transformed = applyTransform(event.request)
File "/usr/local/Plone5/buildout-cache/eggs/plone.transformchain-1.2.0-py2.7.egg/plone/transformchain/zpublisher.py", line 74, in applyTransform
transformed = transformer(request, result, encoding)
File "/usr/local/Plone5/buildout-cache/eggs/plone.transformchain-1.2.0-py2.7.egg/plone/transformchain/transformer.py", line 49, in call
newResult = handler.transformIterable(result, encoding)
File "/usr/local/Plone5/buildout-cache/eggs/plone.protect-3.0.23-py2.7.egg/plone/protect/auto.py", line 182, in transformIterable
if not self.check():
File "/usr/local/Plone5/buildout-cache/eggs/plone.protect-3.0.23-py2.7.egg/plone/protect/auto.py", line 207, in check
return self._check()
File "/usr/local/Plone5/buildout-cache/eggs/plone.protect-3.0.23-py2.7.egg/plone/protect/auto.py", line 279, in _check
traceback.print_stack(),
2018-03-05 14:06:28 INFO plone.protect None
aborting transaction due to no CSRF protection on url