raspap-webgui/includes/csrf.php

<?php

include_once('includes/functions.php');
include_once('includes/session.php');

if (csrfValidateRequest() && !CSRFValidate()) {
  handleInvalidCSRFToken();
}

ensureCSRFSessionToken();
header('X-CSRF-Token', $_SESSION['csrf_token']);
send CSRF token in a response header, update the page's CSRF tokens with the new token from the response header, verify csrf token in ajax endpoints, initialize a session for every endpoint 2019-08-06 21:34:58 +02:00			`<?php`

			`include_once('includes/functions.php');`
			`include_once('includes/session.php');`

			`if (csrfValidateRequest() && !CSRFValidate()) {`
			`handleInvalidCSRFToken();`
			`}`

			`ensureCSRFSessionToken();`
			`header('X-CSRF-Token', $_SESSION['csrf_token']);`