diff options
| author | Andrew Dolgov <[email protected]> | 2020-09-15 15:35:50 +0300 |
|---|---|---|
| committer | Andrew Dolgov <[email protected]> | 2020-09-15 15:35:50 +0300 |
| commit | e670ac2ee5f859a974035fd27471e3b456aed24d (patch) | |
| tree | dd92ce56ba6448328c6c1caa95c32adc33165cef /js | |
| parent | 7e50c6c4b5995da117cd57cc26032140b0008c48 (diff) | |
require CSRF token for Article/redirect
Diffstat (limited to 'js')
| -rw-r--r-- | js/Article.js | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/js/Article.js b/js/Article.js index e7946776e..1e6488184 100644 --- a/js/Article.js +++ b/js/Article.js @@ -133,9 +133,11 @@ const Article = { openInNewWindow: function (id) { const w = window.open(""); + /* global __csrf_token */ + if (w) { w.opener = null; - w.location = "backend.php?op=article&method=redirect&id=" + id; + w.location = "backend.php?op=article&method=redirect&id=" + id + "&csrf_token=" + __csrf_token; Headlines.toggleUnread(id, 0); } |