diff options
| -rwxr-xr-x | classes/article.php | 2 | ||||
| -rw-r--r-- | js/Article.js | 4 |
2 files changed, 4 insertions, 2 deletions
diff --git a/classes/article.php b/classes/article.php index 998528fe8..9c664a8f6 100755 --- a/classes/article.php +++ b/classes/article.php @@ -2,7 +2,7 @@ class Article extends Handler_Protected { function csrf_ignore($method) { - $csrf_ignored = array("redirect", "editarticletags"); + $csrf_ignored = array("editarticletags"); return array_search($method, $csrf_ignored) !== false; } diff --git a/js/Article.js b/js/Article.js index e7946776e..1e6488184 100644 --- a/js/Article.js +++ b/js/Article.js @@ -133,9 +133,11 @@ const Article = { openInNewWindow: function (id) { const w = window.open(""); + /* global __csrf_token */ + if (w) { w.opener = null; - w.location = "backend.php?op=article&method=redirect&id=" + id; + w.location = "backend.php?op=article&method=redirect&id=" + id + "&csrf_token=" + __csrf_token; Headlines.toggleUnread(id, 0); } |