valvin
/
ttrss
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

remove csrf token from rpc method sanityCheck

This commit is contained in:
Andrew Dolgov 2020-09-14 20:00:01 +03:00
parent c3d14e1fa5
commit b4cb67e77f
4 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
include/functions.php
View File

@ -1007,7 +1007,6 @@
$params["hotkeys"] = get_hotkeys_map(); $params["hotkeys"] = get_hotkeys_map();
$params["csrf_token"] = $_SESSION["csrf_token"];
$params["widescreen"] = (int) $_COOKIE["ttrss_widescreen"]; $params["widescreen"] = (int) $_COOKIE["ttrss_widescreen"];
$params['simple_update'] = defined('SIMPLE_UPDATE_MODE') && SIMPLE_UPDATE_MODE; $params['simple_update'] = defined('SIMPLE_UPDATE_MODE') && SIMPLE_UPDATE_MODE;

4
index.php
View File

@ -47,6 +47,10 @@
} }
?> ?>
<script type="text/javascript">
const __csrf_token = "<?php echo $_SESSION["csrf_token"]; ?>";
</script>
<?php print_user_stylesheet() ?> <?php print_user_stylesheet() ?>
<style type="text/css"> <style type="text/css">

2
js/App.js
View File

@ -576,6 +576,8 @@ const App = {
this.is_prefs = is_prefs; this.is_prefs = is_prefs;
window.onerror = this.Error.onWindowError; window.onerror = this.Error.onWindowError;
this.setInitParam("csrf_token", __csrf_token);
this.setupNightModeDetection(() => { this.setupNightModeDetection(() => {
parser.parse(); parser.parse();

4
prefs.php
View File

@ -39,6 +39,10 @@
} }
?> ?>
<script type="text/javascript">
const __csrf_token = "<?php echo $_SESSION["csrf_token"]; ?>";
</script>
<?php print_user_stylesheet() ?> <?php print_user_stylesheet() ?>
<link rel="shortcut icon" type="image/png" href="images/favicon.png"/> <link rel="shortcut icon" type="image/png" href="images/favicon.png"/>