When session token expires, redirect instead of returning a 500 error

billz
2025-03-26 09:51:39 -07:00
parent 0960e8bac9
commit deba5e1e74


@@ -23,6 +23,8 @@ class CSRFTokenizer {
// ensure a CSRF token exists in the session
if (empty($_SESSION['csrf_token'])) {
$this->ensureCSRFSessionToken();
header("Location: " .$_SERVER['REQUEST_URI']);
exit;
}
if ($this->csrfValidateRequest()) {
@@ -40,7 +42,6 @@ class CSRFTokenizer {
{
if (empty($_SESSION['csrf_token'])) {
$_SESSION['csrf_token'] = bin2hex(random_bytes(32));
$token = $_SESSION['csrf_token'];
}
}
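Review bot: The `header("Location: " .$_SERVER['REQUEST_URI']);` line in the first hunk echoes the client-supplied request target back as the redirect destination without normalising it. If a request target beginning with `//` or `/\` can reach this code, browsers will treat the Location value as a protocol-relative URL and the redirect may leave the site; building it as `$target = '/' . ltrim($_SERVER['REQUEST_URI'], '/\\');` keeps it same-origin. The redirect also runs for every request method, so a POST arriving with an expired session comes back as a GET with its body dropped; restricting the redirect to GET/HEAD and answering other methods with a 403 would make that failure explicit. A client that never stores the session cookie would presumably hit this branch on every request and loop, which is worth a guard or at least a comment. The enclosing method starts and ends outside the hunk, so what happens after `csrfValidateRequest()` is not visible here.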