1
0
mirror of https://github.com/billz/raspap-webgui.git synced 2023-10-10 13:37:24 +02:00

Merge pull request #385 from glaszig/fix/csrf-xhr-race-condition

fix csrf token xhr race condition
This commit is contained in:
Bill Zimmerman 2019-08-19 12:16:45 +02:00 committed by GitHub
commit aaa2225e6c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -59,7 +59,9 @@ function safefilerewrite($fileName, $dataToSave)
*/
function ensureCSRFSessionToken()
{
$_SESSION['csrf_token'] = bin2hex(random_bytes(32));
if (empty($_SESSION['csrf_token'])) {
$_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}
}
/**