authorAndrew Dolgov <[email protected]>2020-09-14 20:21:22 +0300
committerAndrew Dolgov <[email protected]>2020-09-14 20:21:22 +0300
commitda98ba662ea2af58c27eadecf444537ea07a04c7 (patch)
tree5bd86bfaba08ff8b0d396e351d433f40f2c74512 /classes/handler/public.php
parentb4cb67e77f3b228c007f58caac234cae1afabe73 (diff)
public/subscribe: require valid CSRF token when validating the form
Diffstat (limited to 'classes/handler/public.php')
-rwxr-xr-xclasses/handler/public.php5
1 files changed, 4 insertions, 1 deletions
diff --git a/classes/handler/public.php b/classes/handler/public.php
index 135cdcbc7..7f8d01ad0 100755
--- a/classes/handler/public.php
+++ b/classes/handler/public.php
@@ -728,6 +728,7 @@ class Handler_Public extends Handler {
if ($_SESSION["uid"]) {
$feed_url = trim(clean($_REQUEST["feed_url"]));
+ $csrf_token = clean($_REQUEST["csrf_token"]);
header('Content-Type: text/html; charset=utf-8');
?>
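Review bot: The added line reads `$_REQUEST["csrf_token"]` unconditionally, but on the first visit to the subscribe page (no form submitted yet) that key is absent, so every initial request now raises an undefined-index notice before the form is even rendered. Reading it with a default avoids that, e.g. `$csrf_token = clean($_REQUEST["csrf_token"] ?? "");`, which still fails the later token check because an empty string never matches the session value. The enclosing method begins outside this hunk, so I cannot see whether an earlier guard already normalises the request array.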
@@ -774,10 +775,11 @@ class Handler_Public extends Handler {
<div class='content'>
<?php
- if (!$feed_url) {
+ if (!$feed_url || $csrf_token != $_SESSION["csrf_token"]) {
?>
<form method="post">
<input type="hidden" name="op" value="subscribe">
+ <?php print_hidden("csrf_token", $_SESSION["csrf_token"]) ?>
<fieldset>
<label>Feed or site URL:</label>
<input style="width: 300px" dojoType="dijit.form.ValidationTextBox" required="1" name="feed_url">
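Review bot: The new condition compares the submitted token to the session token with `!=`, a loose comparison; in PHP two numeric-looking strings such as `"0e123"` and `"0e456"` compare equal under `==`, and a token that happens to look numeric would be accepted when it should not be. Secret comparisons are conventionally done with a constant-time, strict helper: `if (!$feed_url || !hash_equals((string)$_SESSION["csrf_token"], (string)$csrf_token)) {`. Casting both sides also keeps `hash_equals` from throwing a TypeError when the session value is unset, which is presumably possible for a freshly created session (not verifiable from this hunk).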
@@ -820,6 +822,7 @@ class Handler_Public extends Handler {
print "<form action='public.php'>";
print "<input type='hidden' name='op' value='subscribe'>";
+ print_hidden("csrf_token", $_SESSION["csrf_token"]);
print "<fieldset>";
print "<label style='display : inline'>" . __("Multiple feed URLs found:") . "</label>";