From 20fb0563233f07839a2cc59a1d197fbe282d9ffe Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <noreply@fakecake.org>
Date: Fri, 12 Feb 2021 10:37:14 +0300
Subject: remove customizecss from csrf-ignored methods

---
 classes/pref/prefs.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/classes/pref/prefs.php b/classes/pref/prefs.php
index 7385ae28c..45f9dc71e 100644
--- a/classes/pref/prefs.php
+++ b/classes/pref/prefs.php
@@ -8,7 +8,7 @@ class Pref_Prefs extends Handler_Protected {
 	private $profile_blacklist = [];
 
 	function csrf_ignore($method) {
-		$csrf_ignored = array("index", "updateself", "customizecss", "editprefprofiles", "otpqrcode");
+		$csrf_ignored = array("index", "updateself", "editprefprofiles", "otpqrcode");
 
 		return array_search($method, $csrf_ignored) !== false;
 	}
-- 
cgit v1.2.3