mirror of
https://github.com/billz/raspap-webgui.git
synced 2023-10-10 13:37:24 +02:00
add csrf meta tag (for use with xhr, for example)
This commit is contained in:
parent
87fe8948b8
commit
20bb9fe42f
@ -67,6 +67,15 @@ function CSRFToken()
|
|||||||
<?php
|
<?php
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Retuns a CSRF meta tag (for use with xhr, for example)
|
||||||
|
*/
|
||||||
|
function CSRFMetaTag()
|
||||||
|
{
|
||||||
|
$token = htmlspecialchars($_SESSION['csrf_token']);
|
||||||
|
return '<meta name="csrf_token" content="' . $token . '">';
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
* Validate CSRF Token
|
* Validate CSRF Token
|
||||||
|
@ -64,6 +64,7 @@ $theme_url = 'dist/css/'.htmlspecialchars($theme, ENT_QUOTES);
|
|||||||
<html lang="en">
|
<html lang="en">
|
||||||
<head>
|
<head>
|
||||||
<meta charset="utf-8">
|
<meta charset="utf-8">
|
||||||
|
<?php echo CSRFMetaTag() ?>
|
||||||
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
||||||
<meta name="viewport" content="width=device-width, initial-scale=1">
|
<meta name="viewport" content="width=device-width, initial-scale=1">
|
||||||
<meta name="description" content="">
|
<meta name="description" content="">
|
||||||
|
Loading…
Reference in New Issue
Block a user