authorAndrew Dolgov <[email protected]>2020-09-15 16:12:53 +0300
committerAndrew Dolgov <[email protected]>2020-09-15 16:12:53 +0300
commit8080c525fd453bfba9c35f01a08013e148bb2144 (patch)
treed17bf661dfebf3d2ea16c78d821dbb78f07bf0d3 /classes/handler/public.php
parentaeaafefa07b31c99efd27653ad22f4040572d441 (diff)
- backend: require CSRF token to be passed via POST
- do not leak CSRF token via GET request in feed debugger - rework Article/redirect to use POST
Diffstat (limited to 'classes/handler/public.php')
-rwxr-xr-xclasses/handler/public.php6
1 files changed, 3 insertions, 3 deletions
diff --git a/classes/handler/public.php b/classes/handler/public.php
index 7f8d01ad0..e4199a95e 100755
--- a/classes/handler/public.php
+++ b/classes/handler/public.php
@@ -291,7 +291,7 @@ class Handler_Public extends Handler {
$uuid = clean($_REQUEST["key"]);
if ($uuid) {
- $sth = $this->pdo->prepare("SELECT ref_id, owner_uid
+ $sth = $this->pdo->prepare("SELECT ref_id, owner_uid
FROM ttrss_user_entries WHERE uuid = ?");
$sth->execute([$uuid]);
@@ -366,7 +366,7 @@ class Handler_Public extends Handler {
}
body.css_loading * {
display : none;
- }
+ }
</style>
<link rel='shortcut icon' type='image/png' href='images/favicon.png'>
<link rel='icon' type='image/png' sizes='72x72' href='images/favicon-72px.png'>";
@@ -728,7 +728,7 @@ class Handler_Public extends Handler {
if ($_SESSION["uid"]) {
$feed_url = trim(clean($_REQUEST["feed_url"]));
- $csrf_token = clean($_REQUEST["csrf_token"]);
+ $csrf_token = clean($_POST["csrf_token"]);
header('Content-Type: text/html; charset=utf-8');
?>
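Review bot: The added line dereferences `$_POST["csrf_token"]` without a null-coalesce, so reaching the debugger with a GET request (still possible, since `$feed_url` on the line above is read from `$_REQUEST`) triggers an undefined-index notice before any token check runs; `$csrf_token = clean($_POST["csrf_token"] ?? "");` keeps the intended behaviour and stays quiet. The comparison of the token is not in this hunk, so I cannot see it here; whatever validates it should use `hash_equals()` against the session value and treat an empty or absent token as a failure rather than letting it compare equal to an unset session key. Whether `clean()` tolerates a null argument is not visible in the hunk, which is another reason to supply the empty-string default. The enclosing function starts and ends outside the hunk.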