frodovdr/raspap-webgui
1
0
Fork 0
mirror of https://github.com/billz/raspap-webgui.git synced 2025-03-01 10:31:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #385 from glaszig/fix/csrf-xhr-race-condition

Browse Source 
fix csrf token xhr race condition
This commit is contained in:
Bill Zimmerman
2019-08-19 12:16:45 +02:00
committed by GitHub
parent df81ce2a07 20d9e919c3
commit aaa2225e6c
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
includes/functions.php
View File

@@ -59,7 +59,9 @@ function safefilerewrite($fileName, $dataToSave)
*/ */
function ensureCSRFSessionToken() function ensureCSRFSessionToken()
{ {
$_SESSION['csrf_token'] = bin2hex(random_bytes(32)); if (empty($_SESSION['csrf_token'])) {
$_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}
} }
/** /**