authorAndrew Dolgov <[email protected]>2020-09-17 08:43:39 +0300
committerAndrew Dolgov <[email protected]>2020-09-17 08:43:39 +0300
commit1f79d614c4d24fdc0432fd6d080f29ca99b41fbf (patch)
tree9f8e4a9307f710cd834ba16c326b7f562b8a37d3 /classes/handler/public.php
parent6a4b6cf603002ca0032c209b99da4ab76ac7e013 (diff)
fix OTP QR code not displayed because the CSRF token was passed as a query
parameter; use type-strict comparison when validating the CSRF token on the backend
Diffstat (limited to 'classes/handler/public.php')
-rwxr-xr-xclasses/handler/public.php7
1 files changed, 5 insertions, 2 deletions
diff --git a/classes/handler/public.php b/classes/handler/public.php
index 18be5c640..595473789 100755
--- a/classes/handler/public.php
+++ b/classes/handler/public.php
@@ -283,9 +283,12 @@ class Handler_Public extends Handler {
}
function logout() {
- if ($_POST["csrf_token"] == $_SESSION["csrf_token"]) {
+ if (validate_csrf($_POST["csrf_token"])) {
logout_user();
header("Location: index.php");
+ } else {
+ header("Content-Type: text/json");
+ print error_json(6);
}
}
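Review bot: On the new `if (validate_csrf($_POST["csrf_token"])) {` line the field is read without a presence check, so a logout request that omits `csrf_token` passes `null` to validate_csrf() and raises an "Undefined array key" warning on PHP 8 before the token is rejected. Reading it as `if (validate_csrf($_POST["csrf_token"] ?? "")) {` keeps the rejection and the new error_json(6) path while avoiding the warning noise in logs. The commit message says validate_csrf() now compares type-strictly; if that helper uses a plain `===`, consider `hash_equals()` there so the comparison is constant-time — that function is outside this hunk, so this is only a pointer. The same presence concern may apply to how `$csrf_token` is populated before the second hunk, which cannot be seen here.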
@@ -777,7 +780,7 @@ class Handler_Public extends Handler {
<div class='content'>
<?php
- if (!$feed_url || $csrf_token != $_SESSION["csrf_token"]) {
+ if (!$feed_url || !validate_csrf($csrf_token)) {
?>
<form method="post">
<input type="hidden" name="op" value="subscribe">