From 8080c525fd453bfba9c35f01a08013e148bb2144 Mon Sep 17 00:00:00 2001
From: Andrew Dolgov
Date: Tue, 15 Sep 2020 16:12:53 +0300
Subject: - backend: require CSRF token to be passed via POST - do not leak CSRF token via GET request in feed debugger - rework Article/redirect to use POST
---
 classes/handler/public.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
(limited to 'classes/handler/public.php')
diff --git a/classes/handler/public.php b/classes/handler/public.php
index 7f8d01ad0..e4199a95e 100755
--- a/classes/handler/public.php
+++ b/classes/handler/public.php
@@ -291,7 +291,7 @@ class Handler_Public extends Handler {
 $uuid = clean($_REQUEST["key"]);
 if ($uuid) {
- $sth = $this->pdo->prepare("SELECT ref_id, owner_uid
+ $sth = $this->pdo->prepare("SELECT ref_id, owner_uid
 FROM ttrss_user_entries WHERE uuid = ?");
 $sth->execute([$uuid]);
@@ -366,7 +366,7 @@ class Handler_Public extends Handler {
 }
 body.css_loading * {
 display : none;
- }
+ }
 ";
@@ -728,7 +728,7 @@ class Handler_Public extends Handler {
 if ($_SESSION["uid"]) {
 $feed_url = trim(clean($_REQUEST["feed_url"]));
- $csrf_token = clean($_REQUEST["csrf_token"]);
+ $csrf_token = clean($_POST["csrf_token"]);
 header('Content-Type: text/html; charset=utf-8');
 ?>
-- 
cgit v1.2.3
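Review bot: The new line `$csrf_token = clean($_POST["csrf_token"]);` in the third hunk (@@ -728) indexes `$_POST` without a fallback, so a request that carries no token — which is now the normal case for any GET reaching this handler — emits an undefined-array-key warning (a notice on older PHP) before any token check runs; `$csrf_token = clean($_POST["csrf_token"] ?? "");` keeps the behaviour for well-formed POSTs and lets the missing-token case fall through to the verification, assuming clean() accepts an empty string. The comparison of that value against the session token (ideally via hash_equals()) is not visible in this hunk, so it is presumably later in the method and worth confirming it still gates the action on the POST-sourced value. `$feed_url` on the preceding line is still read from `$_REQUEST`, which is only acceptable while the token check covers the whole action. The enclosing method starts and ends outside the hunk; the first two hunks are whitespace-only.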