remove csrf token from rpc method sanityCheck

This commit is contained in:
Andrew Dolgov 2020-09-14 20:00:01 +03:00
parent c3d14e1fa5
commit b4cb67e77f
4 changed files with 10 additions and 1 deletions

View File

@ -1007,7 +1007,6 @@
$params["hotkeys"] = get_hotkeys_map();
$params["csrf_token"] = $_SESSION["csrf_token"];
$params["widescreen"] = (int) $_COOKIE["ttrss_widescreen"];
$params['simple_update'] = defined('SIMPLE_UPDATE_MODE') && SIMPLE_UPDATE_MODE;

View File

@ -47,6 +47,10 @@
}
?>
<script type="text/javascript">
const __csrf_token = "<?php echo $_SESSION["csrf_token"]; ?>";
</script>
<?php print_user_stylesheet() ?>
<style type="text/css">

View File

@ -576,6 +576,8 @@ const App = {
this.is_prefs = is_prefs;
window.onerror = this.Error.onWindowError;
this.setInitParam("csrf_token", __csrf_token);
this.setupNightModeDetection(() => {
parser.parse();

View File

@ -39,6 +39,10 @@
}
?>
<script type="text/javascript">
const __csrf_token = "<?php echo $_SESSION["csrf_token"]; ?>";
</script>
<?php print_user_stylesheet() ?>
<link rel="shortcut icon" type="image/png" href="images/favicon.png"/>